Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
New Contributor

Two policy packages linked to same device

I took over an infrastructure from someone and it is a little bit messy. Before I make big changes I have a question.


Simplified environment to explain it: I have here a device group with one firewall in it. At the same time I have two policy packages. One has as the installation target the firewall itself and the other one has as the installation target the group.


What happens now on the firewall with the rules/policies? Are they merged together? Or is only one applied.

New Contributor

The only way I know of is to associate multiple fortigates to the same policy package. You can build a policy structure where you have generic policies and then build specific policies using the "install to" field in the FMG. Extra bonus points for using sections so that all policies for a unique firewall is placed inside that section, making navigation easier.

This was not my question. I need to know how the current infrastructure behaves. Not how I should do it in the future. But thanks anyway.


- Device manager -> Device & Groups -> Managed Fortigate, you will see which policy package is installed on the Fortigate.

- keep the installation target in Policy Packages, will allow you to install the wrong policy package

A Srour

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Top Kudoed Authors