Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi guys,
Can we use/bring within same ADOM two Fortigate FWs that have this config:
FGT1:
FG100D3G148 $ show system zone config system zone edit "VPN_companyname" set interface "MACK" "RODK" "SFLK" "KRAK" next
FGT2:
FG100D3G $ show system zone config system zone edit "VPN_companyname" set interface "VPN_MACK" "VPN_RODK" "VPN_SFLK" "VPN_KRAK" next
Short answer is NO; I have FGT1 on ADOM and when trying to add FGT2 on ADOM I get this thread's message:
"firewall policy",FAIL,"(name=ID:5 (#1), oid=729, reason=interface(interface binding contradiction. detail: interface binding contradiction. detail: VPN_companyname<-any) binding fail)"
Since both FGTs are on production, do you guys have any tip if this is possible? I used to have each FGT on a dedicated ADOM, but that's no longer logic or required to our needs. We need same Objects database.
Thanks,
Florin.
The most expensive and scarce resource for man is time, paradoxically, it' s infinite.
"firewall policy",FAIL,"(name=ID:5 (#1), oid=729, reason=interface(interface binding contradiction. detail: interface binding contradiction. detail: VPN_companyname<-any) binding fail)"
-- from this error, seems FMG policy object db has a same name address but its associated interface is configured for any which caused this conflict and address failed to import thus also failed for that policy
Thanks
Simon
Indeed each Fortigate had an identical object name, but interface association was specific. We changed interface association to any and then we pushed policies.
The most expensive and scarce resource for man is time, paradoxically, it' s infinite.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1696 | |
1092 | |
752 | |
446 | |
228 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.