Fortinet white logo
Fortinet white logo

Administration Guide

Import policy wizard

Import policy wizard

On the Device Manager > Device & Groups pane, right-click a device, and select Import Policy to launch the Import Device wizard. This wizard allows you to import interface maps, policy databases, and objects. Default or per-device mapping must exist or the installation will fail.

After initially importing policies from the device, make all changes related to policies and objects in Policy & Objects on the FortiManager.

Making changes directly on the FortiGate device will require reimporting policies to resynchronize the policies and objects.

Device Interface

The Device Interface page allows you to choose an ADOM interface for each device interface. When importing configuration from a device, all enabled interfaces require a mapping.

Interface maps will be created automatically for unmapped interfaces.

Select Add mapping for all unused device interfaces to automatically create interface maps for unused interfaces.

Policy

The policy page allows you to create a new policy package for import.

Select a folder from the dropdown menu, specify a policy package name, then configure the following options:

Policy Package Name

Type a name for the policy package.

Folder

Select a folder on the dropdown menu.

Policy Selection

Select to import all, or select specific policies and policies groups to import.

Object Selection

Select Import only policy dependent objects to import policy dependent objects only for the device.

Select Import all objects to import all objects for the selected device.

Object

The object page will search for dependencies, and reports any conflicts it detects.If conflicts are detected, you must decide whether to use the FortiGate value or the FortiManager value. If there are conflicts, you can select View Details to view details of each individual conflict, or you can download an HTML conflict file to view all the details about the conflicts. Duplicates will not be imported.

Click Next to view the objects that are ready to be imported, and then click Next again to proceed with importing.

Import

Objects are imported into the common database, and the policies are imported into the selected package. Click Next to continue to the summary.

The import process removes all policies that have FortiManager generated policy IDs, such as 1073741825, that were previously learned by the FortiManager device. The FortiGate unit may inherit a policy ID from the global header policy, global footer policy, or VPN console.

Summary

The summary page allows you to download the import device summary results. It cannot be downloaded from anywhere else.

Import policy wizard

Import policy wizard

On the Device Manager > Device & Groups pane, right-click a device, and select Import Policy to launch the Import Device wizard. This wizard allows you to import interface maps, policy databases, and objects. Default or per-device mapping must exist or the installation will fail.

After initially importing policies from the device, make all changes related to policies and objects in Policy & Objects on the FortiManager.

Making changes directly on the FortiGate device will require reimporting policies to resynchronize the policies and objects.

Device Interface

The Device Interface page allows you to choose an ADOM interface for each device interface. When importing configuration from a device, all enabled interfaces require a mapping.

Interface maps will be created automatically for unmapped interfaces.

Select Add mapping for all unused device interfaces to automatically create interface maps for unused interfaces.

Policy

The policy page allows you to create a new policy package for import.

Select a folder from the dropdown menu, specify a policy package name, then configure the following options:

Policy Package Name

Type a name for the policy package.

Folder

Select a folder on the dropdown menu.

Policy Selection

Select to import all, or select specific policies and policies groups to import.

Object Selection

Select Import only policy dependent objects to import policy dependent objects only for the device.

Select Import all objects to import all objects for the selected device.

Object

The object page will search for dependencies, and reports any conflicts it detects.If conflicts are detected, you must decide whether to use the FortiGate value or the FortiManager value. If there are conflicts, you can select View Details to view details of each individual conflict, or you can download an HTML conflict file to view all the details about the conflicts. Duplicates will not be imported.

Click Next to view the objects that are ready to be imported, and then click Next again to proceed with importing.

Import

Objects are imported into the common database, and the policies are imported into the selected package. Click Next to continue to the summary.

The import process removes all policies that have FortiManager generated policy IDs, such as 1073741825, that were previously learned by the FortiManager device. The FortiGate unit may inherit a policy ID from the global header policy, global footer policy, or VPN console.

Summary

The summary page allows you to download the import device summary results. It cannot be downloaded from anywhere else.