Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Not applicable

How to remove an address?

If I go into the Fortigate under: Firewall -> Address How do I REMOVE an address that I put in there? I only see Create New and Edit options.

If that object (address) is used in any other place of the configuration (for example in one firewall policy), you cannot delete until you free it


/ Abel

regards / Abel

A little question ... does anybody know if its possible to diplay a list of configuration entrys, that uses an specific object ?

not yet; meanwhile you could save your conf in a text file and search through it for object matches


/ Abel

regards / Abel
Not applicable

Ah, I see now. I had a spot where it was at. It would be nice if it could tell you where you had it in (fortunately I only have like 5 policies right now) but I can see in a real busy setup it would be difficult. Thanks very much!!!!!
New Contributor

There is one way, but it' s a diagnostic command, so it' s not supported and may be a little tricky. Basically you go: diagnose sys checkused <path to item in CLI>.<attribute name> <value of attribute> So for example if I wanted to check where an interface named " test_intf" was used I would type in: diag sys checkused test_intf The path to the item in the CLI can be gotten from the cli: eg. Config system interface = system.interface Config firewall vip = Config system dhcp server = system.dhcp.server The attribute name is the " key" for the configuration table, so " name" in most cases, " id" in others. The output can be a little cryptic, and may show some hidden entries that are created automatically (like the VIP' s for DNS forwarding). So this command can' t solve all your problems, but it might help a bit.

nice command thanks!


/ Abel

regards / Abel

Interesting .. Thinak you !
Not applicable

Any idea why I' m not getting output from this command? BMH-FIREWALL # diagnose sys checkused firewall.policy edit.13 BMH-FIREWALL # diagnose sys checkused firewall.policy edit 13 command parse error before ' 13' Command fail. Return code -61 BMH-FIREWALL # diagnose sys checkused firewall.policy edit.72 BMH-FIREWALL #
Valued Contributor III

Possibly because a policy is not used in anything else... A group is used in a policy, so you may see something there, but the policy is the end game. You can always remove one, no dependencies.

Bob - self proclaimed posting junkie!
See my Fortigate related scripts at:

Bob - self proclaimed posting junkie!See my Fortigate related scripts at:
Check out our Community Chatter Blog! Click here to get involved
Top Kudoed Authors