Group address objects synchronized from FortiManager
Address objects from external connectors that are learned by FortiManager are synchronized to FortiGate. These objects can be grouped together with the FortiGate CLI to simplify selecting connector objects in the FortiGate GUI. Multiple groups can be created.
This option is only available for objects that are synchronized from FortiManager.
To add an object to a connector group:
config user adgrp edit <object_name> set server-name "FortiManager" set connector-source <group_name> next end
In this example, objects learned by the FortiManager from an Aruba ClearPass device are synchronized to the FortiGate. Some of the objects are then added to a group called ClearPass to make them easier to find in the object list when creating a firewall policy.
Prior to being grouped, the synchronized objects are listed under the FortiManager heading in the object lists.
To add some of the objects to a group:
config user adgrp edit "cp_test_FSSOROLE" set server-name "FortiManager" set connector-source "ClearPass" next edit "cp_test_[AirGroup v2]" set server-name "FortiManager" set connector-source "ClearPass" next end
The objects are now listed under the ClearPass heading.