Skip to main content
achu
Staff
achu
Staff
January 8, 2025

Technical Tip: Unable to create DoS Policy

  • January 8, 2025
  • 0 replies
  • 1228 views
Description

This article describes the error message 'Entry not found in datasource' when creating a DoS Policy in v7.4.6, v7.6.1, or v7.6.2. Policies that use an interface show missing or empty values after an upgrade. The interface port3 that is being added to the DoS policy is a member of the SD-WAN zone.

 

Image-1.png
Scope

FortiOS v7.4.6, v7.6.1, v7.6.2.
Solution

After upgrading to versions 7.4.6, 7.6.1, or 7.6.2 GA, users must manually recreate these policies and assign them to the appropriate SD-WAN zone.

 

Configure DoS Policy and set SD-WAN zone for its interface in the CLI:

 

config firewall DoS-policy

    edit 1

        set name test

        set interface SDWAN

        set srcaddr "all"

        set dstaddr "all"

        set service "ALL"

        end

    next

end

 

Verify the DoS policy in the GUI.

 

Image-2.png

 

Additionally, interfaces that are members of a Zone (regular interface zones) cannot be referred to individually in DoS policies since v 7.6.1, and this does not represent an issue or malfunction. Use ZONE as a reference in the DoS policies. 

Refer to the FortiOS Release Notes for reference, 'Users can now specify an SD-WAN zone as an interface in the following policies. However, it is not possible to individually specify the interfaces that belong to the zone.

Note:

It is a known issue, 'Policies will be deleted or show empty values after upgrading to v7.4.6 or v7.6.1' is fixed in v7.4.8, v7.6.3.


Related document:

Policies that use an interface show missing or empty values after an upgrade
    Terms & ConditionsAccessibility statement