pbarbieri
Visitor III
September 14, 2022
Solved

Upload of configuration

I have edited a configuration file for my Fortinet 600D. It loads and runs correctly, but when I view the firewall policy on the dashboard, only a few security policies have been updated. If I try to include one manually, the system says that the label of the policy already exists. If I download the backup of the configuration, the number of policies is different from the policies shown on the dashboard. I have this issue only for firewall policies; all the other sections are interpreted correctly.

Any idea? Any command to know if the input file has issues? I also tried with different editors, but nothing.

xsilver_FTNT
Staff
September 14, 2022

Not completely sure what you see and where.

A picture, or the actual error/warning message, will help.

If I have a look at the policies, then I can see them in Policy&Objects, with a switch at the top right to change between interface pair view and all policies ordered by their sequence numbers.

On the Dashboard there is FortiView on Policies, which shows ONLY those which have/had some active sessions, or transferred any bytes (which is the default Sort option, see the settings of the widget).

 

pbarbieri
Author
Visitor III
September 14, 2022

Hi Tom, I appreciate your support a lot! The problem is in Policy&Object. I am able to see some policies but others are missing!! I also tried by CLI to edit a specific number, but only some numbers are present; other numbers are missing. In short, of the list of policies in the original conf file loaded in the firewall, some are removed or not included. I send you an example below: for instance, up to 2 it is OK, then 3 (the third policy) is missing, the fourth has been included, and 5 and 6 have not. Why are these policies not loaded correctly while others are? The syntax is perfect. If I try to include the missing policy manually, the interface replies that it already exists.

-----------

config firewall policy
edit 1
set name "ARCC_RCC_DMD_PROXY"
set srcintf "ARCC_LAN"
set dstintf "GRE-RCC" "GRE-RCC-B"
set srcaddr "ARCC_TC"
set dstaddr "RCC_TC"
set action accept
set schedule "always"
set service "RCC_ACK_CHANNEL" "RCC_DB_CHANNEL" "PING"
next
edit 2
set name "RCC_ARCC_DMD_PROXY"
set srcintf "GRE-RCC" "GRE-RCC-B"
set dstintf "ARCC_LAN"
set srcaddr "RCC_TC"
set dstaddr "ARCC_TC"
set action accept
set schedule "always"
set service "RCC_ACK_CHANNEL" "RCC_DB_CHANNEL" "PING"
next
edit 3
set name "ARCC_ADIC_VOIP"
set srcintf "ARCC_LAN"
set dstintf "GRE-ADIC-2114" "GRE-ADIC-2134"
set srcaddr "ARCC_VOIP_PHONE_1" "ARCC_VOIP_PHONE_2"
set dstaddr "ADIC_CALL_MANAGER"
set action accept
set schedule "always"
set service "SIP" "ADIC_RTP"
set nat enable
next
edit 4
set name "ADIC_ARCC_VOIP"
set srcintf "GRE-ADIC-2114" "GRE-ADIC-2134"
set dstintf "ARCC_LAN"
set srcaddr "ADIC_CALL_MANAGER"
set dstaddr "ARCC_VOIP_PHONE_1" "ARCC_VOIP_PHONE_2"
set action accept
set schedule "always"
set service "SIP" "ADIC_RTP"
set nat enable
next
edit 5
set name "ARCC_AADIC_VOIP"
set srcintf "ARCC_LAN"
set dstintf "GRE-AADIC-4114" "GRE-ADIC-4134"
set srcaddr "ARCC_VOIP_PHONE_1" "ARCC_VOIP_PHONE_2"
set dstaddr "AADIC_CALL_MANAGER"
set action accept
set schedule "always"
set service "SIP" "ADIC_RTP"
set nat enable
next
edit 6
set name "AADIC_RCC_VOIP"
set srcintf "GRE-ADIC-4114" "GRE-ADIC-4134"
set dstintf "ARCC_LAN"
set srcaddr "AADIC_CALL_MANAGER"
set dstaddr "ARCC_VOIP_PHONE_1" "ARCC_VOIP_PHONE_2"
set action accept
set schedule "always"
set service "SIP" "ADIC_RTP"
set nat enable
next

What is this mystery? Do I need to use the purge command, or rename the edit x number and remove the uuid for each policy, to see them all included again?

pbarbieri
Author, Answer
Visitor III
September 15, 2022

The dashboard shows only part of the total number of policies, but by CLI everything is fine. It could be a bug.
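
Added example (not part of the thread and not Fortinet code): one way to do offline the comparison the original post describes doing by hand, listing which policies from the uploaded file are missing from, or differ in, the downloaded backup. The function names and the sample data are constructed, and the parser assumes a single "config firewall policy" table (no VDOMs) with numeric policy IDs.

```python
import shlex

def parse_policies(config_text):
    """Map policy ID -> {setting: [values]} for the first 'config firewall policy' table."""
    policies, current, in_block, depth = {}, None, False, 0
    for raw in config_text.splitlines():
        try:
            tokens = shlex.split(raw)       # honours quoted names such as "GRE-RCC"
        except ValueError:
            continue                        # unbalanced quote: part of a multi-line value
        if not tokens:
            continue
        if not in_block:
            in_block = tokens == ["config", "firewall", "policy"]
            continue
        head = tokens[0]
        if head in ("config", "end"):       # track nested sub-tables inside an entry
            depth += 1 if head == "config" else -1
            if depth < 0:
                break                       # the 'end' that closes the policy table
        elif depth == 0 and head == "edit" and len(tokens) > 1:
            current = policies.setdefault(tokens[1], {})
        elif depth == 0 and head == "set" and current is not None and len(tokens) > 1:
            current[tokens[1]] = tokens[2:]
        elif depth == 0 and head == "next":
            current = None
    return policies

def compare_upload_to_backup(uploaded_text, backup_text):
    """Return (missing, changed); settings only the backup has (uuid, defaults) are ignored."""
    uploaded, backup = parse_policies(uploaded_text), parse_policies(backup_text)
    missing = [(pid, " ".join(p.get("name", []))) for pid, p in uploaded.items() if pid not in backup]
    changed = {}
    for pid in sorted(uploaded.keys() & backup.keys(), key=int):
        diff = {k: (v, backup[pid].get(k)) for k, v in uploaded[pid].items()
                if backup[pid].get(k) != v}
        if diff:
            changed[pid] = diff
    return missing, changed

# Constructed sample data (not taken from the thread).
UPLOADED = ('config firewall policy\nedit 1\nset name "LAN_TO_DMZ"\nset dstintf "dmz"\nnext\n'
            'edit 2\nset name "LAN_TO_VPN"\nset dstintf "tun-a" "tun-b"\nnext\n'
            'edit 3\nset name "DMZ_TO_LAN"\nset dstintf "lan"\nnext\nend\n')
BACKUP = ('config firewall policy\n'
          'edit 1\nset name "LAN_TO_DMZ"\nset uuid "constructed"\nset dstintf "dmz"\nnext\n'
          'edit 3\nset name "DMZ_TO_LAN"\nset dstintf "any"\nnext\nend\n')

if __name__ == "__main__":
    print(compare_upload_to_backup(UPLOADED, BACKUP))
```

With real files, read the uploaded configuration and the downloaded backup as text and pass both to compare_upload_to_backup; each entry in the missing list is a policy ID and name to look up on the CLI.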