| Description |
This article describes that is not possible to add a VLAN interface into the interface zone. An Interface Zone is also known as a Dynamic Object. |
| Scope | FortiGate version that is NOT End of Support. |
| Solution |
This can happen if a user suddenly decides to add a couple of VLAN interfaces or interfaces and congregate them into a single interface zone. Configuring interface zones allows for ease of interface management and creation/automation of dynamic objects in FortiManager.
The main reason for adding an interface or VLAN interface into an interface zone is because the interface already has References, specifically references in the firewall policies.
The screenshot here shows 2 VLAN interfaces.
VLAN interface 8zone does not have any Reference:
However, VLAN interface 9zone is applied on a firewall policy:
Check whether the interfaces are already used in firewall policies. If they are, it will be necessary to remove the interface from the respective firewall policies before being able to add the interface into the interface zone.
As visible here, the interface that is NOT referred to in the firewall policy is visible for selection:
Interface 9zone is not available for selection here. |
