|
ISDB (Internet Service Database) name does not change often. When it does, even if FortiGate is fine, FortiManager, as it uses the name in the policy package, is not able to adjust automatically.
In the Policy Package where the ISDB object is referenced, the entry would change from the old name to blank. When pushing the policy to the FortiGate, the error will be given because of this incomplete config in the firewall policy.
Before FortiManager 7.2.5, it is necessary to manually locate the policies referenced in the changed ISDB entry, and change the entry from the blank to the new name.
After FortiManager 7.2.5, a new command is introduced, it is not necessary to make the manual changes, all that is required is to run the following command, which would search all the ADOM for the change.
diagnose cdb upgrade check invalid-internet-service-name
An example of ISDB object name change:
OriginalName:CrowdStrike-CrowdStrike.Cloud,
New name:CrowdStrike-CrowdStrike.Falcon.Cloud
Search 'OriginalName' in Internet Services Version: 7.03181.
Related Document:
Resolved Issues 7.2.5
|
