Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Florian
New Contributor

Created on ‎03-03-2020 02:46 AM

FortiManager "Consolidated Policies" display option missing

Hi everyone,

 

actually we're running a FMG-VM with FOS6.2.3, and we want to use the new feature of 6.2, "Consolidated Policy".

 

As described in the cookbook https://docs.fortinet.com/document/fortimanager/6.2.0/new-features/49766/consolidated-firewall-mode, I am not able to turn on the display option for the consolidated policies, because it is simply not there:

 

 

Any clue why it behaves like that? I tried every combination of enabled and disabled consolidated policy feature on the regarding FGs and in the Policy Package option. It is a 6.2 ADOM.

It seems to be just a bug.

 

Any hint would be highly appreciated!

 

BR

Florian

 

Preview file
75 KB
Labels:
8949
0 Kudos
2 Solutions
ShawnZA
Contributor II
In response to Florian

Created on ‎03-04-2020 04:24 AM

Just checked ours, on 6.2.1, and also no option to enable it...

View solution in original post

7437
0 Kudos
chall_FTNT
Staff
Staff
In response to ShawnZA

Created on ‎03-04-2020 05:08 PM

That document reference was only relevant for 6.2.0.  Even so, by the time of 6.2.0 GA release, it was no longer necessary to change display options directly. Instead it is just necessary to enable consolidated policy mode for the policy package you are working on. (https://docs.fortinet.com...te-new-policy-packages)

 

Step 1: Right-click on Policy Package Step 2: Click on "Enable" Step 3: Enable "Consolidated Firewall Mode" (Those 3 steps have remained constant for all FMG 6.2.x patch releases afaik) Result (for FMG 6.2.0): Now you should see a new line item for a Consolidated policies line item under the Policy Package. Note: Later FMG 6.2 patches may have a different name for the line item that better matches the naming convention in the similar patch level of FortiOS 6.2.

Chris Hall
Fortinet Technical Support

View solution in original post

7437
0 Kudos
6 REPLIES 6
gabyrossi
Contributor

Created on ‎03-03-2020 11:18 AM

Hello, check out this video that shows how to enable it in the FGT and some considerations to have before.

https://www.youtube.com/watch?v=6-GBlFCGZbg

 

Rergards

 

GabyRossi

7382
0 Kudos
Florian
New Contributor
In response to gabyrossi

Created on ‎03-04-2020 02:22 AM

Hi GabyRossi,

 

sorry, but our FGTs are managed with our FMG. Configuring on the FGT is no problem at all, but I want and have to configure it via the FMG, where the display option "Consolidated Policy" is missing.

 

BR

Florian

7382
0 Kudos
ShawnZA
Contributor II
In response to Florian

Created on ‎03-04-2020 04:24 AM

Just checked ours, on 6.2.1, and also no option to enable it...

7438
0 Kudos
chall_FTNT
Staff
Staff
In response to ShawnZA

Created on ‎03-04-2020 05:08 PM

That document reference was only relevant for 6.2.0.  Even so, by the time of 6.2.0 GA release, it was no longer necessary to change display options directly. Instead it is just necessary to enable consolidated policy mode for the policy package you are working on. (https://docs.fortinet.com...te-new-policy-packages)

 

Step 1: Right-click on Policy Package Step 2: Click on "Enable" Step 3: Enable "Consolidated Firewall Mode" (Those 3 steps have remained constant for all FMG 6.2.x patch releases afaik) Result (for FMG 6.2.0): Now you should see a new line item for a Consolidated policies line item under the Policy Package. Note: Later FMG 6.2 patches may have a different name for the line item that better matches the naming convention in the similar patch level of FortiOS 6.2.

Chris Hall
Fortinet Technical Support
7438
0 Kudos
Florian
New Contributor
In response to chall_FTNT

Created on ‎03-05-2020 03:21 AM

Hi chall,

 

to be more precise, the line is not intentionally called "Consolidated Policy", you will find it under " SSL Inspection & Authentication", which is quite confusing and does not feel right. My eyes didn't catch that for a long time of toggling and trying.

 

Please take care of tracking and correcting such things in the guides.

 

But thanks for you help.

 

BR

Florian

Preview file
113 KB
7382
0 Kudos
chall_FTNT
Staff
Staff
In response to Florian

Created on ‎03-05-2020 09:20 AM

Thank-you, Florian.  I realize that my information was actually based upon FortiManager 6.2.0 (I will retroactively go back & modify my past post).   It seems there were many changes patch by patch in terms of how that line item in the menu was named.  FortiManager GUI was just attempting to track similar changes to naming conventions occurring in FortiOS 6.2.x.

Chris Hall
Fortinet Technical Support
7382
0 Kudos
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.