I am implementing Fortimanager to simplify configuration of our firewalls. We have (6) 70F units running 7.0.9. I have added them all to Fortimanager, and cloned one of the configs to a policy package I want to use for all of them. The configs are almost identical on all of them. There are two units that do not have all of the needs that the other 4 do. I have figured out how to prevent certain firewall policies from getting pushed to these through installation targets on the policies. When I try to push this policy pak to the two units, I am getting the following:
These two firewalls do not have an ATM VLAN, so there is no entry in the normalized interface object for either of them. I am not sure how SNAT is coming into play. I cannot locate the Central SNAT (which we do use) anywhere in FM.
I am able to push this policy pak to all the other firewalls without issue. Any insight into what I am doing wrong is appreciated.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.