Starting in FortiManager 7.0.1, normalized interfaces support wildcard definitions to match multiple objects.
- Create the wildcard interface.
- The Wildcard Interfaces configuration is available when creating normalized interfaces.
- This rule allows the use of "." as a wildcard character to match any single alphanumeric character, and "*" to represent zero or more characters.
- Multiple interfaces can be mapped to this rule.
- Use the wildcard interface in a policy.
- The new wildcard interface is used in a Firewall Policy the same way a regular interface is, but it is interpreted as the one or more interfaces that match the wildcard definition.
- Install the policy.
- During the install, all of the matched objects are installed on the FortiGate.
- Go to Policy & Objects > Object Configurations > Normalized Interface, and create a new normalized interface.
- Set the Wildcard toggle to the ON position, and then enter a Wildcard Interface definition, for example "
Save the normalized interface.
- Go to Policy & Objects > Policy Packages, and edit or create a Firewall Policy, and use the new wildcard interface in the policy.
Save the Firewall Policy.
- Install the Firewall Policy. During the install, all objects that match the wildcard definition are installed.
In this example, the install preview shows that multiple objects matching the firewall definition will be installed.
```
config firewall policy
    edit 27
        set uuid d2c9c43c-c4ba-51ac-851c-a3e2657d0614
        set srcintf "a1234" "a123b"
        set dstintf "any"
        set srcaddr "all"
        set dstaddr "all"
        set schedule "always"
        set service "ALL"
        set logtraffic all
```
- After install, FortiGate gets the policy, including the objects that matched the wildcard definition.
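Because a wildcard interface expands to every matching interface at install time, it is worth checking which names a definition covers before installing. The Python sketch below is an added example, not FortiManager code. It assumes "." matches exactly one alphanumeric character, "*" matches zero or more of any character, and a definition must match the whole interface name. The definitions and interface list are constructed, apart from a1234 and a123b, which appear in the install preview above.

```python
import re

# Constructed sample of interface names on a managed device.
# "a1234" and "a123b" are the names shown in the install preview.
DEVICE_INTERFACES = ["a1234", "a123b", "a123", "a123-5", "a12345", "port1", "wan1"]


def wildcard_to_regex(definition: str) -> re.Pattern:
    """Translate a wildcard definition into an anchored regular expression.

    Assumed semantics (taken from the rule text, not from FortiManager code):
      "."  -> exactly one alphanumeric character
      "*"  -> zero or more characters of any kind
    Every other character is matched literally.
    """
    parts = []
    for ch in definition:
        if ch == ".":
            parts.append("[A-Za-z0-9]")
        elif ch == "*":
            parts.append(".*")
        else:
            parts.append(re.escape(ch))
    return re.compile("".join(parts))


def matched_interfaces(definition: str, interfaces: list) -> list:
    """Return the interface names the definition would expand to."""
    pattern = wildcard_to_regex(definition)
    return [name for name in interfaces if pattern.fullmatch(name)]


def audit(definition: str, interfaces: list, expected: set) -> dict:
    """Compare the expansion with the interfaces the policy is meant to cover."""
    matched = set(matched_interfaces(definition, interfaces))
    return {
        "unexpected": sorted(matched - expected),  # policy would apply here too
        "missing": sorted(expected - matched),     # policy would not reach these
    }


if __name__ == "__main__":
    intended = {"a1234", "a123b"}
    for definition in ("a123.", "a123*"):
        print(definition, matched_interfaces(definition, DEVICE_INTERFACES),
              audit(definition, DEVICE_INTERFACES, intended))
```

Under these assumptions, a definition ending in "*" covers more interfaces than one ending in ".", so compare the expansion with the install preview before committing the policy.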