- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
on 06-27-2019 08:02 AM - edited on 06-28-2019 11:36 AM by Retired Member
When seeing counters increment for Duplicated Policies, this is indicating there are policies with the exact same name, which can cause a conflict within PAN-OS and cause a commit to fail.
The Duplicated Policies do not indicate an overlap or "Shadow" of policies.
The duplicated policy count can be seen in the PROJECT STATISTICS dashboard.
To view the policies with duplicated names you can use the filter by creating a filter for:
POLICIES > Security > FILTER > MERGE > POLICIES > Security Policies > Click the box for Rule Name
Clicking on each case listed in the results will display the policies with the same name in the background. The policies displayed in the backgroud can be edited to change the names.
You can have duplicate rule name between different device group if they are not parent and child. for example, you can have security rule name "Test" in both DG1 and DG2 if they are not parent and child , but you can't have same rule name among shared and DG1 since shared is parent of DG1
Completed firmware upgrade from 11.0.5 -> 11.1.5h1, and facing duplicate rules, which preventing new rules from being committed. I am looking for an article from PA for reference on this issue to be presented to my stakeholders. Can anyone help?
Hi @JaysonJohn
You can use Expedition. After importing your policy you can go to Policies, filter by duplicated name and apply an option to do the renaming.
Hope this helps,