I am unable to import firewall policies to FMG.
In the FMG I have a “never installed “ raining and it’s fine, but when I import Policies from the FGT I keep getting this:
import objs: dev(xxxx-FW),vdom(root),adom(xxx),package(xxxxx_root)
Failed to commit changes (command(set firewall policy.8:dstaddr xx.xx.xx.xx "*.xxx.com") detail(datasrc invalid. object: firewall policy dstaddr. detail: GOOGLE. solution: data cannot be used. reason: invalid value - prop[dstaddr]: Address group cannot contains wildcard-fqdn type address))
In the firewall there are NO wildcard-FQDN addresses in the whole firewall!!!!!
The policy is working and it is making traffic, it’s just can’t be imported
Address group cannot contains wildcard-fqdn type address))
I know the problem lies there, but there is NO wildcards FQDN Address in the whole firewall.
Going to firewall -> Address list and scrolling down, there is NO FQDN address list.
IT seems Fortiguard, during the import, is importing another Address Object that lies elsewhere not in the firewall itself
What is the Version of your FMG , FGT , and ADOM in question?
all of them are 5.6.2
Anyway, I have solved removing the FGT from FMG and readding it :)
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2023 Fortinet, Inc. All Rights Reserved.