Hot!Unable to install policy

Author
moumoumatt
New Member
  • Total Posts : 6
  • Scores: 0
  • Reward points: 0
  • Joined: 2015/03/11 02:13:51
  • Status: offline
2015/03/24 02:07:19 (permalink) 5.2
0

Unable to install policy

FMG-VM64 v5.2.1
 
I'm trying to push the policy to a Fortigate 500D Cluster, Fortigate 5.2.1.
 
When I attempt to install the policy, I get the following error messages;
 
Policy console event
90% state:5 dvm_err:0 Prepare commit fail: vip overlap, Copy Package 'Name'
 
Policy console event
Failed to commit policies to devdb
 
Any ideas what could be causing this?

 
Thanks.
#1

6 Replies Related Threads

    moumoumatt
    New Member
    • Total Posts : 6
    • Scores: 0
    • Reward points: 0
    • Joined: 2015/03/11 02:13:51
    • Status: offline
    Re: Unable to install policy 2015/03/24 04:53:15 (permalink)
    0
    Problem solved - please ignore.
    #2
    mnaccarato
    New Member
    • Total Posts : 1
    • Scores: 0
    • Reward points: 0
    • Joined: 2015/09/15 14:17:16
    • Status: offline
    Re: Unable to install policy 2015/09/15 14:21:44 (permalink)
    0
    moumoumatt
    Problem solved - please ignore.




    Can you please provide information on how to solve this, I'm facing the same problem.
     
    Thank you!
    #3
    scao_FTNT
    optimizzz
    • Total Posts : 477
    • Scores: 23
    • Reward points: 0
    • Joined: 2012/08/27 11:39:44
    • Status: offline
    Re: Unable to install policy 2015/09/15 16:24:45 (permalink)
    0
     



    Can you please provide information on how to solve this, I'm facing the same problem.
     
    Thank you!




    if policy validation fail, pls provide copy log and task details, also debug output if possible (diag debug application securityconsole 255)
     
    if policy install fail, pls provide device install log
     
    and pls provide FMG version, ADOM version and FGT version
     
    Thanks
     
    Simon
    #4
    HaTiMuX
    New Member
    • Total Posts : 6
    • Scores: 0
    • Reward points: 0
    • Joined: 2017/04/26 07:57:16
    • Status: offline
    Re: Unable to install policy 2017/11/28 23:13:17 (permalink)
    0
    The problem is a vip overlap. You can run "diag debug application securityconsole 255" to get more details.
     
    SECURITY_CONSOLE: Installing firewall policy completed - 117 entries installed, 0 errors
    SECURITY_CONSOLE: (1) [FGT(root)[copy] root] Initiate request to install to real device (reason:none)
    SECURITY_CONSOLE: (1) [Write summary[preview] ] Prepare commit fail: vip overlap - VIP1, VIP2 (reason:none)
    SECURITY_CONSOLE: (1) Compile time: 0 hours 0 minutes 0.628502 seconds.
    SECURITY_CONSOLE: (1) Import time: 0 hours 0 minutes 0.016277 seconds.
    SECURITY_CONSOLE: (1) Change dvm status time: 0 hours 0 minutes 0.000000 seconds.
    SECURITY_CONSOLE: (1) Failed to commit policies to devdb
    #5
    emnoc
    Expert Member
    • Total Posts : 4400
    • Scores: 249
    • Reward points: 0
    • Joined: 2008/03/20 13:30:33
    • Location: AUSTIN TX AREA
    • Status: offline
    Re: Unable to install policy 2017/11/29 10:02:47 (permalink)
    0
    yes fortimanger has to  do a juniper like verification before the committal and it flags  and will fail a committal . It's a great  check imho.
     
     
     

    PCNSE6,PCNSE7, ACE, CCNP,FCNSP,FCESP,Linux+,CEH,ECSA,SCSA,SCNA,CISCA email/web
    #6
    sw2090
    New Member
    • Total Posts : 13
    • Scores: 0
    • Reward points: 0
    • Joined: 2017/06/14 01:27:25
    • Status: offline
    Re: Unable to install policy 2017/12/06 01:08:21 (permalink)
    0
    It says "vip overlap". That looks like if you have an error in your portforward config (=vip). In this case obviously your port forwards overlap.
    #7
    Jump to:
    © 2017 APG vNext Commercial Version 5.5