Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Akmostafa
New Contributor III

Some objects "fail" to be imported

Hello, I am trying to import policy package from one Fortiagate devices and I note that some objects are not being imported and the below is an example of the import report:

 

"user peer",FAIL,"(name=user1, oid=2781, reason=This CA certificate is duplicated.)"
"firewall policy",FAIL,"(name=32, oid=3548, reason=This CA certificate is duplicated.)"

 

The first and second errors seem to be related to each other as the user "user1" is inlcuded in a group as source in firewall policy 32.

 

I cannot understand where is the problem in "CA certificate is duplicate"

 

The CA certificate seemed to be already imported when importing the configuration from another Fortigate device.

 

And also the below error appeared in the import report:

"user peer",FAIL,"(name=user2, oid=2782, reason=invalid value)"

 

here is the config of the "user2" as from the Fortigate:

 

config user peer
edit "user2"
set ca "G_CA_Cert_1"
set cn "user2"
next
end

 

4 REPLIES 4
Anthony_E
Community Manager
Community Manager

Hello,


Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.


Thanks,

Anthony-Fortinet Community Team.
Anthony_E
Community Manager
Community Manager

Hello,

 

We are still looking for someone to help you.

We will come back to you ASAP.


Regards,

Anthony-Fortinet Community Team.
asrour
Staff
Staff

Check in Policy & Objects -> Firewall Objects -> Advanced -> CA Certificates.

* Note: if CA Certificates is not under advanced, from the menu bar clock on Tools -> Feature visibility and check the CA Certificates checkbox

search for G_CA_Cert_1 if it is already there, if it is there, right click on it and click on "Where Used" to see if this object is used in an existing policy package.

If it is not used, you can delete it.

 

A Srour
Akmostafa
New Contributor III

It is used in another policy package assigned to a different managed Fortigate.

 

The issue that the CA is referenced in a user in the Fortigate that I am trying to import its configuration and the wizard is skipping importing the user.

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors