Hi everyone,
actually we're running a FMG-VM with FOS6.2.3, and we want to use the new feature of 6.2, "Consolidated Policy".
As described in the cookbook https://docs.fortinet.com/document/fortimanager/6.2.0/new-features/49766/consolidated-firewall-mode, I am not able to turn on the display option for the consolidated policies, because it is simply not there:
Any clue why it behaves like that? I tried every combination of enabled and disabled consolidated policy feature on the regarding FGs and in the Policy Package option. It is a 6.2 ADOM.
It seems to be just a bug.
Any hint would be highly appreciated!
BR
Florian
Solved! Go to Solution.
Just checked ours, on 6.2.1, and also no option to enable it...
That document reference was only relevant for 6.2.0. Even so, by the time of 6.2.0 GA release, it was no longer necessary to change display options directly. Instead it is just necessary to enable consolidated policy mode for the policy package you are working on. (https://docs.fortinet.com...te-new-policy-packages)
Step 1: Right-click on Policy Package Step 2: Click on "Enable" Step 3: Enable "Consolidated Firewall Mode" (Those 3 steps have remained constant for all FMG 6.2.x patch releases afaik) Result (for FMG 6.2.0): Now you should see a new line item for a Consolidated policies line item under the Policy Package. Note: Later FMG 6.2 patches may have a different name for the line item that better matches the naming convention in the similar patch level of FortiOS 6.2.
Hello, check out this video that shows how to enable it in the FGT and some considerations to have before.
https://www.youtube.com/watch?v=6-GBlFCGZbg
Rergards
GabyRossi
Hi GabyRossi,
sorry, but our FGTs are managed with our FMG. Configuring on the FGT is no problem at all, but I want and have to configure it via the FMG, where the display option "Consolidated Policy" is missing.
BR
Florian
Just checked ours, on 6.2.1, and also no option to enable it...
That document reference was only relevant for 6.2.0. Even so, by the time of 6.2.0 GA release, it was no longer necessary to change display options directly. Instead it is just necessary to enable consolidated policy mode for the policy package you are working on. (https://docs.fortinet.com...te-new-policy-packages)
Step 1: Right-click on Policy Package Step 2: Click on "Enable" Step 3: Enable "Consolidated Firewall Mode" (Those 3 steps have remained constant for all FMG 6.2.x patch releases afaik) Result (for FMG 6.2.0): Now you should see a new line item for a Consolidated policies line item under the Policy Package. Note: Later FMG 6.2 patches may have a different name for the line item that better matches the naming convention in the similar patch level of FortiOS 6.2.
Hi chall,
to be more precise, the line is not intentionally called "Consolidated Policy", you will find it under " SSL Inspection & Authentication", which is quite confusing and does not feel right. My eyes didn't catch that for a long time of toggling and trying.
Please take care of tracking and correcting such things in the guides.
But thanks for you help.
BR
Florian
Thank-you, Florian. I realize that my information was actually based upon FortiManager 6.2.0 (I will retroactively go back & modify my past post). It seems there were many changes patch by patch in terms of how that line item in the menu was named. FortiManager GUI was just attempting to track similar changes to naming conventions occurring in FortiOS 6.2.x.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1737 | |
1107 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.