- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Install wizard - policy package error
i am getting error while installing the policy, i checked Object Configurations> interface as well and there was
Vdom copy failed:
error 0 - invalid value
Copy objects for vdom root
"dynamic interface", "Inside", id=11408, INVALID MAPPING - (null)
"firewall central-snat-map", "1", id=12412, INVALID MAPPING - invalid value
- Labels:
-
FortiGate
-
FortiManager
Created on 06-08-2022 01:17 PM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello @JD1 ,
Thank you for using the Community Forum.
I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.
Regards,
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hey JD1,
from the errors it looks like the interface 'Inside' is not mapped to anything on the FortiGate you're trying to install to.
I would assume the SNAT fails as well because an interface is not in place/configured properly, but without knowing the config details of the SNAT entry it's hard to say if that fails due to the 'Inside' interface, or for an unrelated reason.
Can you check the interface object 'Inside' in the Policy&Objects tab, and verify what interface it is mapped to on your FortiGate? That might provide some insight.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
that looks like if you are missing mappings:
dynamic interface called "inside"
central-snat-map profile #1
However I cannot find those on my FMG here...
--
"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams
Created on 02-09-2023 08:40 AM Edited on 02-09-2023 09:19 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi sw2090,
Were you able to sort out your issue? I'm running into a similar issue where we don't have a "MGMT" interface on the Fortigate, in the Provisioning Template, or the Policy Package but it's throwing an error saying MGMT is an invalid mapping.
Edit: Sorted it out! I had a Normalized Interface rule for MGMT which had a Per-Device mapping configured for the device.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
it was not my issue but the thread starter's ;)
yes you have because it is automatically created when you add the device to fmg (unless you uncheck the "create mappings for all unused interfaces" option.
However it should be correct then...
--
"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams