Unable to Import Policies

Author
Belgarioz
New Member
  • Total Posts : 14
  • Scores: 0
  • Reward points: 0
  • Joined: 2018/11/02 03:43:06
  • Status: offline
2019/09/17 03:00:01 (permalink)
0

Unable to Import Policies

Hello,
I am unable to import firewall policies to FMG.

In the FMG I have a “never installed “ raining and it’s fine, but when I import Policies from the FGT I keep getting this:


import objs: dev(xxxx-FW),vdom(root),adom(xxx),package(xxxxx_root)
Failed to commit changes (command(set firewall policy.8:dstaddr xx.xx.xx.xx "*.xxx.com") detail(datasrc invalid. object: firewall policy dstaddr. detail: GOOGLE. solution: data cannot be used. reason: invalid value - prop[dstaddr]: Address group cannot contains wildcard-fqdn type address))

 
In the firewall there are NO wildcard-FQDN addresses in the whole firewall!!!!!

The policy is working and it is making traffic, it’s just can’t be imported




#1

4 Replies Related Threads

    emnoc
    Expert Member
    • Total Posts : 5301
    • Scores: 347
    • Reward points: 0
    • Joined: 2008/03/20 13:30:33
    • Location: AUSTIN TX AREA
    • Status: offline
    Re: Unable to Import Policies 2019/09/17 03:37:43 (permalink)
    0
    Address group cannot contains wildcard-fqdn type address))
    I would inspect the policyid#8 and triple check the error looks clearly like something has a wildcard entry and the dst addr value

    PCNSE,  NSE , Forcepoint ,  StrongSwan Specialist
    #2
    Belgarioz
    New Member
    • Total Posts : 14
    • Scores: 0
    • Reward points: 0
    • Joined: 2018/11/02 03:43:06
    • Status: offline
    Re: Unable to Import Policies 2019/09/17 03:40:01 (permalink)
    0
    Hello,
     
    I know the problem lies there, but there is NO wildcards FQDN Address in the whole firewall.
    Going to firewall -> Address list and scrolling down, there is NO FQDN address list.
     
    IT seems Fortiguard, during the import, is importing another Address Object that lies elsewhere not in the firewall itself
    #3
    brazz_FTNT
    Silver Member
    • Total Posts : 91
    • Scores: 22
    • Reward points: 0
    • Joined: 2018/02/20 15:09:34
    • Status: offline
    Re: Unable to Import Policies 2019/09/17 07:27:50 (permalink)
    0
    Hey,
     
    What is the Version of  your FMG , FGT , and ADOM in question?
     
    Cheers
    #4
    Belgarioz
    New Member
    • Total Posts : 14
    • Scores: 0
    • Reward points: 0
    • Joined: 2018/11/02 03:43:06
    • Status: offline
    Re: Unable to Import Policies 2019/09/17 07:28:53 (permalink)
    0
    Hello :)
     
    all of them are 5.6.2
     
    Anyway, I have solved removing the FGT from FMG and readding it :)
    #5
    Jump to:
    © 2019 APG vNext Commercial Version 5.5