Expedition 1.2.42 Hotfix Information

Showing results for 
Show  only  | Search instead for 
Did you mean: 
L4 Transporter
No ratings

Version 1.2.42 (Date Nov 8, 2022)







apt update
sudo apt-get update; sudo apt-get install expedition-beta
manual update cd /tmp;
wget  https://conversionupdates.paloaltonetworks.com/expedition-updates/expedition_1.2.42.all.deb;
sudo dpkg -i expedition_1.2.42.all.deb;




  • MT-2504 - FORTINET - Expedition was expecting policies to be defined on the section "config firewall policy" but new Fortinet version contains policies ALSO in the section "config firewall security-policy". Added support to read both "sections" as Fortinet could have policies defined on both of them.


  • MT-2501 - STONESOFT - Reading address objects domain_name twice. Expedition is creating duplicated entries for address object typed as domain_name. Resulting on having duplicated address objects by name.
  • MT-2500/MT-2493/MT-2502: CISCO NAT issues:
  1. A NAT rule with an address group as original source and a single address as translated source could not be defined as static-ip, instead the NAT rule is defined as dynamic-ip-and-port.
    Example: nat (in, out) source static Network-Group Network-address destination static Network-Destination Network-Destination
  2. A NAT rule containing address groups as source, destination, translated source or translated destination named DM_INLINE* are replaced by its address members.
  3. A NAT rule with an address group as original source and an address group as translated source having different names BUT with the same members is considered a no source NAT.
    object-group network DM_INLINE_NETWORK_1
    network-object object
    network-object object
    object-group network DM_INLINE_NETWORK_2
    network-object object
    network-object object
    nat (in, out) source static DM_INLINE_NETWORK_1 DM_INLINE_NETWORK_2 destination static Network-Destination Network-Destination
  4. A NAT rule with the same original and translated destination (without port translation) is not considered as DNAT rule, also translated destination is set to none.
    Example: nat (in, out) source static Original-Source TP-Source destination static Network-Destination Network-Destination
  5. A NAT rule with a bidirectional source translation and a destination translation (original and translated destination are NOT the same) is created as a NAT rule in Expedition with a Monitor log and the bidirectional flag disabled.
Rate this article:
Register or Sign-in
Article Dashboard
Version history
Last Updated:
‎11-08-2022 01:17 AM
Updated by: