Advanced Features : Searching for global objects content : IP address search rules
 
IP address search rules
If you select Address in the Search for field and then Object by Value in the Search Criteria field, select the value type (IP Address/Range or FQDN) and enter the IP or FQDN in the Address field. You can use the exact match or regular expression to enter the IP or FQDN.
The following examples explain the IP address search rules.
Assuming that we have the following IP address definitions:
#
IP Address/Mask or IP Range
1
192.169.10.1/32
2
192.169.10.0/24
3
192.169.0.0/16
4
192.169.10.1-192.169.10.9
5
192.169.10.10-192.169.10.19
If you enter an IP/mask or IP range, the search result will be an exact match of the value you entered.
For example, searching 192.169.10.1/32 returns IP #1 in the table and searching 192.169.10.1-192.169.10.9 returns IP #4 in the table.
If you enter a single IP, all definitions that include the IP in its range will be displayed.
For example, searching 192.169.10.2 returns #2, 3, and 4 in the table, and searching 192.169.10.20 returns #2 and 3 in the table.
If you enter an IP wildcard, all definitions within the subnet will be displayed.
For example, searching 192.169.10.* returns #1, 2, 4, and 5 in the table, and searching 192.169.*.* returns #1, 2, 3, 4, and 5 in the table.
To search an object by name:
1. From the Main Menu Bar, select Search.
2. In the Search for field, select an object.
3. In the Search Criteria field, select Object Name.
4. Enter the object name, then select a search method.
5. In the Scope field, select global database or a particular device/device group within which to search for the object. You can select More>> to add more search parameters:
All Databases: Select to search all databases in the FortiManager system. You can also select Search All ADOMS to search the databases of each ADOM.
Narrow Search Parameters (optimized): If you know which ADOM the object is in, select this option to save search time. You can select the ADOM, the Global Database/Security Console of the ADOM, or a particular Device or Group in the ADOM.
6. Select Search.
The search result displays the following information:
Delete
Select the check box beside an address that you want to delete, then select Delete to remove it. If there is no check box beside an address, it means that this address is used by an address group.
New Search
Select to start a new search.
Name
The name of an address.
Address/FQDN
The IP address/mask of the address.
Detail
Any comments added for the firewall address.
ADOM
The ADOM that this address is in. For information about ADOMs, see “Administrative Domains”.
Device (VDOM)
The database where this address is saved.
Filter
Display the devices and groups that can use the global firewall address configuration.
If specific devices and/or groups are listed, it means that these devices and groups are allowed to use the configuration.
If All Devices/Groups displays, it means that all devices and groups are allowed to use the configuration.
To search an object by value:
1. From the Main Menu Bar, select Search.
2. In the Search for field, select Address or Service.
3. In the Search Criteria field, select Object by Value.
4. Do one of the following:
If you selected Address in the Search for field, select the value type (IP Address/Range or FQDN) and enter the IP or FQDN in the Address field. You can use the exact match or regular expression to enter the IP or FQDN.
If you selected Service in the Search for field, select a protocol and enter the corresponding information for the protocol following the table.
Protocol
Corresponding information
IP
Protocol Number: The IP protocol number for the service.
ICMP
Type: The ICMP type number for the service.
Code: The ICMP code number for the service.
TCP/UDP
TCP Port Range: The TCP port number range.
UDP Port Range: The UDP port number range.
5. Repeat step 5 in “To search an object by name:”.
6. Select Search.
The search result displays.
Delete
Select the check box beside a service that you want to delete, then select Delete to remove it. If there is no check box beside a service, it means that this service is used by a service group.
New Search
Select to start a new search.
Service Name
The name of the firewall service.
Detail
The protocol and port numbers for each service.
ADOM
The ADOM that this service is in. For information about ADOM, see “Administrative Domains”.
Device (VDOM)
The database where this service is saved.
Filter
Display the devices and groups that can use the global firewall service configuration.
If specific devices and/or groups are listed, it means that these devices and groups are allowed to use the configuration.
If All Devices/Groups displays, it means that all devices and groups are allowed to use the configuration.
To search an unused object:
1. From the Main Menu Bar, select Search.
2. In the Search for field, select an object.
3. In the Search Criteria field, select Unused Objects.
4. Repeat step 5 in “To search an object by name:”.
5. Select Search.
The search result displays the following:
Delete
Select the check box beside a profile that you want to delete, then select Delete to remove it. If there is no check box beside a profile, it means that this profile is used by a firewall policy.
New Search
Select to start a new search.
Name
The name of the protection profile.
ADOM
The ADOM that this service is in. For information about ADOM, see “Administrative Domains”.
Device (VDOM)
The database where this profile is saved.
Filter
Display the devices and groups that can use the global protection profile configuration.
If specific devices and/or groups are listed, it means that these devices and groups are allowed to use the configuration.
If All Devices/Groups displays, it means that all devices and groups are allowed to use the configuration.
To search an object by usage:
1. From the Main Menu Bar, select Search.
2. In the Search for field, select an object.
3. In the Search Criteria field, select Object Usage.
4. For Scope, do one of the following:
If you want to query where an object is used within the global database, select Global Objects and the object name that you want to search.
If you want to query which other device uses an object, select Device Objects and then a device containing the object and the object itself.
5. Select Search.
The search result displays the following:
New Search
Select to start a new search.
ADOM
The ADOM that this address is in. For information about ADOM, see “Administrative Domains”.
Device (VDOM)
The database where this address is saved.
Referrer Type
The type of object that uses this address. In this case, the type is firewall address groups.
Entry
The name of the firewall address group that uses this address.
Field
The nature of the address in the address group, such as being added as a group member.
 
The three global SSL-VPN portal objects can be deleted, but can not be re-created. Reference Mantis Bug ID 161981.