Troubleshooting Tip: error message while pushing firewall policy - invalid mapping
| Description | This article describes how to resolve the issue when FortiManager fails to push firewall policy with error message of 'dynamic interface', 'interface_name', id=xxxx, INVALID MAPPING - (null). |
| Scope | FortiManager, FortiGate. |
| Solution | The following error may occur while pushing policies to a FortiGate.
Copy device global objects Vdom copy failed: error -1 - unknown Copy objects for vdom root "dynamic interface", "vlan37", id=19604, INVALID MAPPING - (null)
This happens when the interface object was deleted from the FortiGate directly instead of from the FortiManager. It creates a discrepancy between FortiGate and FortiManager.
The solution is to either delete the interface object from 'Policy & Object' -> 'Object Configurations' -> 'Normalized Interface', or to remove the mapping, then push the policy again.
Search for the interface as below. The first option is to remove the interface completely if it is not used anywhere else.
The second option is to remove the per-device mapping. Select the interface, then select 'Edit' and remove the per-device mapping entry.
|
