Duplicated Policies - How To Preview

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
L5 Sessionator
100% helpful (1/1)

When seeing counters increment for Duplicated Policies, this is indicating there are policies with the exact same name, which can cause a conflict within PAN-OS and cause a commit to fail.

 

The Duplicated Policies do not indicate an overlap or "Shadow" of policies. 

 

The duplicated policy count can be seen in the PROJECT STATISTICS dashboard.

 

Duplicated-policies-1.jpg

To view the policies with duplicated names you can use the filter by creating a filter for:

 

POLICIES > Security > FILTER > MERGE > POLICIES > Security Policies > Click the box for Rule Name

 

Duplicated-policies-2.jpg

 

Clicking on each case listed in the results will display the policies with the same name in the background. The policies displayed in the backgroud can be edited to change the names.

 

 

Rate this article:
(1)
Comments
L0 Member

Why would this be an issue? I've got 2 Vsys which each have double named policies. Is it really an issue or is it just against best practice?

L6 Presenter

You can have duplicate rule name between different device group if they are not parent and child. for example, you can have security rule name "Test" in both DG1 and DG2 if they are not parent and child , but you can't have same rule name among shared and DG1 since shared is parent of DG1

L0 Member

Completed firmware upgrade from 11.0.5 -> 11.1.5h1, and facing duplicate rules, which preventing new rules from being committed. I am looking for an article from PA for reference on this issue to be presented to my stakeholders. Can anyone help?

 

L4 Transporter

Hi @JaysonJohn 

You can use Expedition. After importing your policy you can go to Policies, filter by duplicated name and apply an option to do the renaming.

dpuigdomenec_0-1733230348306.png

Hope this helps,

  • 9362 Views
  • 4 comments
  • 2 Likes
Register or Sign-in
Contributors
Article Dashboard
Version history
Last Updated:
‎06-28-2019 11:36 AM
Updated by:
Retired Member