Policy and Objects – FortiManager 5.2

Log column options

To apply a column filter to this column, right-click the column header and select Column Filter from the menu. The Column Filter dialog box opens. Select the action, value, and select Add to add the filter. Select Apply to apply the column filter. You can also select to clear all filters.

See To edit a policy schedule: for more information.

Right-click in the Log column to access the right-click menu. The following options are available:

Disable Select to disable logging.
Log Security Events Select to log security events only.
Log All Sessions Select to log all sessions.
NAT column options

To apply a column filter to this column, right-click the column header and select Column Filter from the menu. The Column Filter dialog box opens. Select the action, value, and select Add to add the filter. Select Apply to apply the column filter. You can also select to clear all filters.

Right-click in the NAT column to access the right-click menu. The following options are available:

Disable Select to disable NAT.
Use Destination Address Select to use destination address.
Dynamic IP Pool Select to use dynamic IP pool, if configured.
Install On column options

To apply a column filter to this column, right-click the column header and select Column Filter from the menu. The Column Filter dialog box opens. Select the action, value, and select Add to add the filter. Select Apply to apply the column filter. You can also select to clear all filters.

Right-click in the Install On column to access the right-click menu. The following options are available:

Add Object(s) Select to change the install on value. The Add Install dialog box is displayed. Select objects then select OK.
Remove Object(s) Select to remove an install on entry.
Set To Default Select to set to the default value.
Where Used Select to check where the object is used. A dialog box will be displayed listing all instances of the object selected.

 

Select All Select to select all entries in this column entry.
Section right-click menu options

After you have created a new section, you can right-click the section to access the section right-click menu. The following options are available:

Append Policy Select to append the policy to the section selected.
Edit Title Select to edit the section title.
Delete Select to delete the section selected.
Collapse All Select to collapse all policies under the section selected.
Expand All Select to expand all policies under the section selected.
UUID column right-click menu options

To apply a column filter to this column, right-click the column header and select Column Filter from the menu. The Column Filter dialog box opens. Select the action, value, and select Add to add the filter. Select Apply to apply the column filter. You can also select to clear all filters.

Right-click in the UUID column to access the right-click menu. The following options are available:

Copy UUID Select to copy the UUID to the clipboard.
View Log Select to view the log by UUID.
This entry was posted in Administration Guides, FortiManager and tagged , , on by .

About Mike

Michael Pruett, CISSP has a wide range of cyber-security and network engineering expertise. The plethora of vendors that resell hardware but have zero engineering knowledge resulting in the wrong hardware or configuration being deployed is a major pet peeve of Michael's. This site was started in an effort to spread information while providing the option of quality consulting services at a much lower price than Fortinet Professional Services. Owns PacketLlama.Com (Fortinet Hardware Sales) and Office Of The CISO, LLC (Cybersecurity consulting firm).

9 thoughts on “Policy and Objects – FortiManager 5.2

  1. Richard Lopez

    Question about ADOMs. In previous versions of FortiOS 4.3 maybe earlier. When you had multiple devices under an ADOM the policies and objects were clearly separated per device being managed. With the newer FortiOS it seems as though there is overlapping and my policies and objects seem to be cross contaminated between devices. What is your perspective on this and/or work around? Thank you in advance – Richard

    Reply
    1. Mike Post author

      I always keep my devices separated by Firmware version. ADOM 4.3 ADOM 5.2 ADOM 5.4 etc to keep things nice and neat.

      Reply
  2. simbhu

    I have an issue for deleting the V4.2 ADOMs from FMG V5.2 getting the below error.

    Some ADOM(s) were not deleted successfully because they are not empty

    But those ADOMs are not used anywhere. How to find out where it is used?

    No admin accounts having access to the ADOM, No policy package for the ADOM.

    Reply
    1. Mike Post author

      Usually, it experiences this issue because something somewhere is still referencing it. Whether that item be a policy package as you mentioned before or a group etc.

      Reply
  3. Thierry

    Hi Mike,

    We use fortimanager v5.4.1-build1082 160629 (GA) FMG-VM64 but we cant drag and drop within the rule base. (drag en drop from the object side plain does work) I have seen a instruction video were they lock the adom but also that future is non exsistent in our GUI.

    You have any idea what this could be ? I did not see any issues on this subject on the fortinet site. We have upgraded from a older version FM.

    kind regards and thanks for this great support site, i look here first!

    Reply
      1. Thierry

        Not sure ( I was not involved and there is no change history) but i did found this in the “alert message console”

        Upgrade image from v5.2.7-build0757-160408(GA) to v5.4.1-build1082-160629

        Reply
  4. linaab

    Hello,

    HELP !! we have multiple firewalls we would like to upload on our Fortimanager in the same ADOM.

    The problem is that some objects have the same names but different IPs adresses. i read that the only solution is mapping the objects. if we do so we will have to it manually on every object (more than ~200) which is not an option for me. Can you please help me with this problem ?

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.