Unable to create policy for individual zone member interface
As topic says. I cannot create policy for port 1 and port 2, presumably because they are members of a zone. Happened after upgrade to 5.0.5. How can I create individual policy for those ports? Do I have to remove the zone? What happens to the existing policies involving port 1 or port 2 if I do?
Update: Actually I cannot use any VLANs on port 1 and 2 in any policy because they are all missing since the update...
Thanks for replying.
All the interfaces are available from the CLI. When I create a policy from the CLI the configured policy shows up in GUI, but I cannot create new policies for any VLAN interface from GUI as they are missing.
Do you have any references for your proposed solution? It basically means nearly setting up the FortiGate from scratch, which is something I hesitate to do.
What do you mean they are missing? What model do you have? If you have a lower model they might be missing.
You can create the VLAN interface from the GUI:
In Network>Interface>Create New>Interface, select Type VLAN.
You can back up the config, modify it to remove the zone and create firewall policies without the zones, and then restore the modified config, but that requires some tweaking and might be dangerous if you are inexperienced.
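Before editing a backup as the reply above suggests, it helps to see which policies a zone removal would touch. This added example (not from the thread or from Fortinet) reads a config backup and lists each zone's member interfaces and the firewall policy IDs that reference the zone; the sample config is constructed, and `parse_section` and `zone_impact` are hypothetical helper names.

```python
import re

# Constructed sample in FortiOS backup syntax (not taken from the thread).
SAMPLE_CONFIG = '''\
config system zone
    edit "lan-zone"
        set interface "port1" "port2"
    next
end
config firewall policy
    edit 1
        set srcintf "lan-zone"
        set dstintf "wan1"
    next
    edit 2
        set srcintf "port3"
        set dstintf "wan1"
    next
end
'''

def parse_section(text, header):
    """Return {edit_name: {setting: [values]}} for one top-level section."""
    entries, current, inside, depth = {}, None, False, 0
    for line in map(str.strip, text.splitlines()):
        if not inside:
            inside = line == header
        elif line.startswith("config "):
            depth += 1                      # nested sub-table: skipped
        elif line == "end":
            if depth == 0:
                break                       # end of the section we wanted
            depth -= 1
        elif depth == 0 and line.startswith("edit "):
            current = entries.setdefault(line[5:].strip('"'), {})
        elif depth == 0 and line == "next":
            current = None
        elif depth == 0 and current is not None and line.startswith("set "):
            key, _, rest = line[4:].partition(" ")
            current[key] = [q or b for q, b in re.findall(r'"([^"]*)"|(\S+)', rest)]
    return entries

def zone_impact(text):
    """Map each zone to its member interfaces and the policy IDs using it."""
    zones = parse_section(text, "config system zone")
    policies = parse_section(text, "config firewall policy")
    return {name: {"members": z.get("interface", []),
                   "policies": sorted(int(p) for p, pol in policies.items()
                       if name in pol.get("srcintf", []) + pol.get("dstintf", []))}
            for name, z in zones.items()}
```

Every policy ID listed for a zone has to be rewritten to name member interfaces directly before the zone can be dropped from the modified backup.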