Hello, I am trying to import policy package from one Fortiagate devices and I note that some objects are not being imported and the below is an example of the import report:
"user peer",FAIL,"(name=user1, oid=2781, reason=This CA certificate is duplicated.)""firewall policy",FAIL,"(name=32, oid=3548, reason=This CA certificate is duplicated.)"
The first and second errors seem to be related to each other as the user "user1" is inlcuded in a group as source in firewall policy 32.
I cannot understand where is the problem in "CA certificate is duplicate"
The CA certificate seemed to be already imported when importing the configuration from another Fortigate device.
And also the below error appeared in the import report:
"user peer",FAIL,"(name=user2, oid=2782, reason=invalid value)"
here is the config of the "user2" as from the Fortigate:
config user peeredit "user2"set ca "G_CA_Cert_1"set cn "user2"nextend
Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.
We are still looking for someone to help you.
We will come back to you ASAP.
Check in Policy & Objects -> Firewall Objects -> Advanced -> CA Certificates.
* Note: if CA Certificates is not under advanced, from the menu bar clock on Tools -> Feature visibility and check the CA Certificates checkbox
search for G_CA_Cert_1 if it is already there, if it is there, right click on it and click on "Where Used" to see if this object is used in an existing policy package.
If it is not used, you can delete it.
It is used in another policy package assigned to a different managed Fortigate.
The issue that the CA is referenced in a user in the Fortigate that I am trying to import its configuration and the wizard is skipping importing the user.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2023 Fortinet, Inc. All Rights Reserved.