Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Ambush4261
New Contributor II

Fortimanager best practice

Hi community !

 

Just need some point a view the way users manage their routers from the Fortimanager.

We have arround 150 routers managed from the fortimanager but our issue is that for now we have a policy object template for each router so manage. The fact is the config is globally the same on all routers but there is still a few diff on the policy rules and also on the Schedules, depending of the location of the router.

The point is that now we are reaching some number of objects limits due to the many templates copies.

I would like to use less template with may routers as target.

How do people manage that kind of scenario ?

 

Thanks

2 REPLIES 2
Toshi_Esumi
Esteemed Contributor III

If the majority of the policy set are the same through all FGTs, you can use below mechanism to cover the site specific factors.

1. metafield variable that you can use calculate or concatenate to plug in as one value 

2. dynamic objects per location, like an address object with different IP per location
3. specify devices for a policy: under "Install On" column you can pick spcific devices to apply that policy

Based on these, we use about a handful of policy packages for 500+ FGTs for one customer.

Toshi

Labels
Top Kudoed Authors