Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
sw2090
Honored Contributor

FMG Refusing to create Policy - no clue why

FMG is on 6.0x

ADOM is on 5.6. Installation target has 5.6.

 

I created an Interface-zone containing ipsec tunnels 

I created an address object group containing all netowrk address objects I need.  All have set interface to any.

 

I create a policy:

 

src interface: uplink (aggregation of port1 and 2)

src address: addres group containig some client

dst infterface: the zone I created above

dst address: the address group a created above

no NAT

 

Once I supply this to FMG all I get is "firewall/policy/4/dstaddr : dstaddr("Standortnetze") binding interface must be (any) (policyid: 4)".  I don't know whay that happens since the address objects in "Standortnetz " are all bound to "any".

 

any advice anyone?

-- 

"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams

-- "It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams
0 REPLIES 0
Labels
Top Kudoed Authors