Created on 02-09-2020 11:51 PM Edited on 02-27-2023 07:03 AM By Jean-Philippe_P
Description
This article describes how to enable interface pair view when it is greyed out.
Solution
If Policies with 'any' or 'multiple interfaces' are selected in the incoming or outgoing interface, 'Interface pair view' will be disabled.
Unselect 'Any' from the policy to select 'Interface Pair View'.
There are also specific cases when the Interface Pair View it is shown as greyed out.
One of these cases is the usage of SDWAN and zones. When different zones are created on the SD WAN and apply 2 or more of them as sources or destinations on the firewall policies, the Interface Pair View will be grayed out, as it is expected.
Below the three zones, part of the SD WAN is configured as dstintf on the Test_Policy, and as seen, the Interface Pair View it is grayed out:
In the case mentioned above, to be able to enable Interface Pair View again, the solution is to create separate firewall policies for each zone set as dstintf:
As seen, the Interface Pair View has not grayed out anymore and can be selected.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.