I'm having a strange issue; I'm migrating from CP R77.10, mgmt and fw on seperate devices.
Every combination of rules and object files i try importing in MT I get similar results:
- policy is copied ok,
- all names for address objects are empty, address groups names are fine, names of objects in address groups are also fine
- all names for service objects are empty, service groups names are fine, names of services in service groups are also fine
Anyone had such an issue? I'm trying different combinations of rules and object files but without any success so far.
Solved! Go to Solution.
Can you send your objects_5_0.C to firstname.lastname@example.org? Then we can take a look to figure what's happening.
ignore this, I managed to succesfully import the configuration
I could swear I tried this combination before already :)
Sorry, didn't see reply till now. It seems ok now, must have been wrong combination earlier. Thanx for reply!
How do I merge CP iported config into Panorama Device group? I've imported CP config first and then uploaded Panorma base config. On Export page i have Panorama config as base configuration (output) and CP as Source configurations (inputs). But when I drage whole CP config into certain Device group only adresses, address-groups, services, service-groups and tags appear in output.
Ok, with a bit of testing I'd say this is how you should merge:
- drag objects and policies into device group
- drag zones into template->device->vsysX
- drag interfaces and VRs into template->Network
Is this correct?
That's correct. Zones needs to be imported into one VSYS inside the template, objects and rules under the DG and the Interfaces, VR under the template as well
2 more questions, please.
- I created aggregated interface in MT for Panorama config. Do I need to create them on firewall first as well?
- I renamed security zones in MT. The changes were applied to FW policy, but not to NAT policy. How do I update zone name chnages to NAT policy as well?
Thanx in advance.
The changes should applied to Nat Rules as well, Maybe the store has not been refreshed. You can do by pressing from the Nat Rules Grid the refresh button located in the bottom bar close to the selection to how many rules you want to see (by default 50) just click refresh and let me know please.
For the interfaces if you are using Templates you can do from the template, is not necesary to create the interfaces in your firewall!
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!