Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
pbarbieri
Contributor

Upload of configuration

I have edit a configuration file for my fortinet 600D. He load and running correctly but when I visualize the firewall policy on the dashboard only few security policies has been updated . If i try to include manually the system said that the label of policy already exist. If i download the backup of configuration the number of policy are different from the policies visualized on the dashboard . This issue i have only for firewall policy all the other section are corrected interpretated.

Any idea? any command to know if the input file has issues? I tried also with different editor but nothing  

1 Solution
pbarbieri

The dashboard shows partially the total number of policies but by CLI everything is fine.  It could be a bug.

View solution in original post

3 REPLIES 3
xsilver_FTNT
Staff
Staff

Not completely sure what do you see and where.

A picture , or actual error/warning message, will help.

 

If I have a look to policies, then I can see them in Policy&Objects with switch on top right to change between interface pair view and all policies ordered by their sequence numbers.

 

xsilver_FTNT_0-1663141308475.png

 

On Dashboard is FortiView on Policies, which shows ONLY those which has/had some active sessions, or transferred any bytes (which is default Sort option, see settings of the widget).

 

xsilver_FTNT_1-1663141452369.png

 

xsilver_FTNT_2-1663141506594.png

 

 

Tomas Stribrny - NASDAQ:FTNT - Fortinet stuff - TAC Staff Engineer

pbarbieri

Hi Tom I appreciated a lot your support!. In the Policy&Object the problem.  I can able to visualize some policies but missing others!! If I tried  also by CLI to edit a number specific but only some numbers are present other numbers are missing. In short in the list of policies in the original conf file loaded in the firewall and some of them are removed or not included. I send you an example belove : for instance until 2 is ok them miss 3 (third policy) , the fourth has been included and 5 and 6 no. Why these policies are not loaded correctly and other yes? syntax is perfect. If i tried to include manually the missing policy the interface reply that already exist.

-----------

config firewall policy
edit 1
set name "ARCC_RCC_DMD_PROXY"
set srcintf "ARCC_LAN"
set dstintf "GRE-RCC" "GRE-RCC-B"
set srcaddr "ARCC_TC"
set dstaddr "RCC_TC"
set action accept
set schedule "always"
set service "RCC_ACK_CHANNEL" "RCC_DB_CHANNEL" "PING"
next
edit 2
set name "RCC_ARCC_DMD_PROXY"
set srcintf "GRE-RCC" "GRE-RCC-B"
set dstintf "ARCC_LAN"
set srcaddr "RCC_TC"
set dstaddr "ARCC_TC"
set action accept
set schedule "always"
set service "RCC_ACK_CHANNEL" "RCC_DB_CHANNEL" "PING"
next
edit 3
set name "ARCC_ADIC_VOIP"
set srcintf "ARCC_LAN"
set dstintf "GRE-ADIC-2114" "GRE-ADIC-2134"
set srcaddr "ARCC_VOIP_PHONE_1" "ARCC_VOIP_PHONE_2"
set dstaddr "ADIC_CALL_MANAGER"
set action accept
set schedule "always"
set service "SIP" "ADIC_RTP"
set nat enable
next
edit 4
set name "ADIC_ARCC_VOIP"
set srcintf "GRE-ADIC-2114" "GRE-ADIC-2134"
set dstintf "ARCC_LAN"
set srcaddr "ADIC_CALL_MANAGER"
set dstaddr "ARCC_VOIP_PHONE_1" "ARCC_VOIP_PHONE_2"
set action accept
set schedule "always"
set service "SIP" "ADIC_RTP"
set nat enable
next
edit 5
set name "ARCC_AADIC_VOIP"
set srcintf "ARCC_LAN"
set dstintf "GRE-AADIC-4114" "GRE-ADIC-4134"
set srcaddr "ARCC_VOIP_PHONE_1" "ARCC_VOIP_PHONE_2"
set dstaddr "AADIC_CALL_MANAGER"
set action accept
set schedule "always"
set service "SIP" "ADIC_RTP"
set nat enable
next
edit 6
set name "AADIC_RCC_VOIP"
set srcintf "GRE-ADIC-4114" "GRE-ADIC-4134"
set dstintf "ARCC_LAN"
set srcaddr "AADIC_CALL_MANAGER"
set dstaddr "ARCC_VOIP_PHONE_1" "ARCC_VOIP_PHONE_2"
set action accept
set schedule "always"
set service "SIP" "ADIC_RTP"
set nat enable
next

What is this mystery? Do i need to use purge command or rename the edit x number and remove uuid for each policy  to see all included again?

pbarbieri

The dashboard shows partially the total number of policies but by CLI everything is fine.  It could be a bug.

Top Kudoed Authors