Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
titanium98118
New Contributor II

Created on ‎02-09-2025 05:50 PM Edited on ‎02-09-2025 06:12 PM

IPV6 FQDN objects can't be added to SD-WAN rules

Hi,

 

I find that IPV6 SD-WAN rules are unable to add IPV6 FQDN objects.

Was this by-design? Or a bug?

Device: fortigate 60e

OS: 7.4.7

 

config firewall address6
    edit "speed.cloudflare.com"
        set uuid 3e275afe-e74f-51ef-ba51-85ac2c2767bd
        set type fqdn
        set fqdn "speed.cloudflare.com"
    next
end

 

 

screenshot.png

Labels:
407
0 Kudos
7 REPLIES 7
Jean-Philippe_P
Moderator
Moderator

Created on ‎02-12-2025 04:40 AM

Hello titanium98118, 

 

Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible. 

 

Thanks, 

Jean-Philippe - Fortinet Community Team
357
0 Kudos
Jean-Philippe_P
Moderator
Moderator

Created on ‎02-14-2025 12:28 AM

Hello,

 

We are still looking for an answer to your question.

 

We will come back to you ASAP.

 

Thanks,

Jean-Philippe - Fortinet Community Team
342
0 Kudos
Jean-Philippe_P
Moderator
Moderator

Created on ‎02-14-2025 07:00 AM

Hello again,

 

Please tell me if this works:

 

To add IPv6 FQDN objects to SD-WAN rules with FortiGate 60E running v7.4.7, follow these steps:

 

  1. Create an IPv6 FQDN Address Object:

   - Go to Policy & Objects -> Addresses -> Addresses.

   - Select Create New and select Address.

   - Choose IPv6 as the Address Type.

   - Enter the FQDN address in the format: ‘*.example.com’.

   - Save the address object.

 

  1. Configure SD-WAN Rule with the IPv6 FQDN Address Object:

   - Go to Policy & Objects -> SD-WAN Rules.

   - Select Create New to add a new rule.

   - Set the Source and Destination as needed.

   - Under Destination Address, select the IPv6 FQDN address object created in step 1.

   - Configure other settings like Service, Members, and Action accordingly.

   - Save the SD-WAN rule.

 

By following these steps, you can add IPv6 FQDN objects to SD-WAN rules on your FortiGate 60E running v7.4.7.

Jean-Philippe - Fortinet Community Team
326
0 Kudos
titanium98118
New Contributor II
In response to Jean-Philippe_P

Created on ‎02-14-2025 07:40 AM

Hi Philippe,

It's still unable to select FQDN object from IPv6 SD-WAN rules.

2.png1.png

320
0 Kudos
rmreddy
Staff
Staff

Created on ‎02-17-2025 01:39 AM

Hi,

looks like it is a bug in v7.4.7, please reach TAC.
In v7.6.x able to create.

275
0 Kudos
titanium98118
New Contributor II
In response to rmreddy

Created on ‎02-19-2025 07:11 AM

TAC answered,

It may not a bug. On 7.4.7 version, sdwan rule not support IPv6 FQDN,lt only support IPv6 subnet address.

238
Jean-Philippe_P
Moderator
Moderator

Created on ‎02-19-2025 07:13 AM

Thanks titanium98118 for letting us know!

 

Have a great day!

Jean-Philippe - Fortinet Community Team
234
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.