Duplicated Policies - How To Preview

cancel
Showing results for 
Search instead for 
Did you mean: 
L4 Transporter
Did you find this article helpful? Yes No
100% helpful (1/1)

When seeing counters increment for Duplicated Policies, this is indicating there are policies with the exact same name, which can cause a conflict within PAN-OS and cause a commit to fail.

 

The Duplicated Policies do not indicate an overlap or "Shadow" of policies. 

 

The duplicated policy count can be seen in the PROJECT STATISTICS dashboard.

 

Duplicated-policies-1.jpg

To view the policies with duplicated names you can use the filter by creating a filter for:

 

POLICIES > Security > FILTER > MERGE > POLICIES > Security Policies > Click the box for Rule Name

 

Duplicated-policies-2.jpg

 

Clicking on each case listed in the results will display the policies with the same name in the background. The policies displayed in the backgroud can be edited to change the names.

 

 

Rate this article:
(1)
Comments
L0 Member

Why would this be an issue? I've got 2 Vsys which each have double named policies. Is it really an issue or is it just against best practice?

L5 Sessionator

You can have duplicate rule name between different device group if they are not parent and child. for example, you can have security rule name "Test" in both DG1 and DG2 if they are not parent and child , but you can't have same rule name among shared and DG1 since shared is parent of DG1