Quick one ahead!
If your background is Cisco and their CCNA / CCNP trainings, you are familiar with the wildcard mask concept.
That idea allows you as an example to define an object which matches a single IP address in all your subnets. As an example, an IP address defined as follows: 10.10.0.120 255.255.0.255 will match IP address .120 in all subnets:
Simple and might be useful in some deployments. Of course, that is only one of many possible use cases. How to configure it in FortiOS?
An obvious attempt to define a wildcard mask object will fail:
FGT # config firewall address FGT (address) # edit printers FGT (printers) # set subnet 10.10.0.120 255.255.0.255 FGT (printers) # next invalid netmask. object check operator error, -9, discard the setting Command fail. Return code 1
Also, there is no way of defining that object in the GUI. A proper way of doing this:
FGT # config firewall address FGT (address) # edit printers FGT (printers) # set type wildcard FGT (printers) # set wildcard 10.10.0.120 255.255.0.255
Simple as that!