This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

More big problems with the Foritgate parser

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

More big problems with the Foritgate parser

crose_mcnc
L1 Bithead

‎10-01-2023 09:20 AM - edited ‎10-01-2023 01:06 PM

I am still having major issues with Expedition with the Fortigate configuration parser.

 

The last bug fix took care of some of the issues, but I have again reached a standstill where I have objects that can not be deleted. I didn't figure this out till after I spent hours manipulating this config to get objects into our engineering format. Now I am stuck. I am very behind on getting this migration done for my customer to everyone's frustration so I am desperate to get this fixed.

 

I think the import is still not working correctly. When I import the configuration I sent you, I get the following objects created in the "shared" vdom. But the objects contain self references. As an example the shared vdom service object group DNS contains mebers DNS and DNS as seen int he attached screenshot.

 

It is this way also for the following list of protocols

DCE-RPC

DNS

H232

Kerberos

L2TP

NFS

NTP

PC-Anywhere

RTSP

SIP

SNMP

 

Once I work through the configuration and clean things up I wind up with objects that can not be deleted and prevent me from finishing my cleanup and migration.

 

I can send you the config file again by way of a Palo support case or export backups of my project in expedition. I am running the most current hotfix.

 

Anything you can do to get this moving again is greatly appreciated.

Preview file
550 KB
0 Likes Likes
2 REPLIES 2

dpuigdomenec
L4 Transporter

‎10-01-2023 01:24 PM

Hello @crose_mcnc ,

I'm sorry to hear about the issues you're encountering.

Could you please upload the latest original configuration along with your current Expedition project into a TAC case? Once you've done that, please send the TAC case number to fwmigrate@paloaltonetworks.com. As I'm based in the CEST time zone, I'll take a look at it first thing tomorrow morning. It would be really helpful if you could also describe your execution workflow in your email. This way, I can check if there's a possibility of automating some of the steps you're currently doing manually.

I appreciate your understanding and cooperation in advance, and I apologise for any inconvenience caused.

Best regards,

David

0 Likes Likes

crose_mcnc
L1 Bithead

‎10-01-2023 01:25 PM

Sure thing. It's on its way.

0 Likes Likes
  • 592 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks