This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
For details on cookie usage on our site, read our Privacy Policy
About davidbla
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- LIVEcommunity
- About davidbla
04-13-2021
2Posts
2Likes
1Solution
Apr 13, 2021Last Visited
User
Activity
User
Profile
Latest posts by davidbla
| Subject | Views | Posted |
|---|---|---|
| 4712 | 04-13-2021 02:43 AM | |
| 5033 | 03-23-2021 08:20 AM |
My Liked Posts
| Subject | Likes | Posted |
|---|---|---|
| 2 Likes | 03-23-2021 08:20 AM |
Posts I Liked
| Subject | Likes | Author | Latest Post |
|---|---|---|---|
| 1 Like | |||
| 1 Like |
User Badges
Community Statistics
| Member Since | 06-07-2019 06:58 AM |
| Date Last Visited | 04-13-2021 06:09 AM |
| Posts | 2 |
| Total Likes Received | 2 |
04-13-2021
02:43 AM
added the WO - just to be precise: configure
delete device-group <device group> pre-rulebase security rules "<rule name>" source-hip
delete device-group <device group> pre-rulebase security rules "<rule name>" destination-hip
... View more
03-23-2021
08:20 AM
2 Kudos
The issue is because of the "device / hip profile" option for policies introduced in 10?. I just was not able to find this feature in the release notes... can s/o link it? Panorama knows this new kind of filter: But your firewall not. Even if you don't configure it but change smth in the policy, panorama will add a "hip-profiles any;" to the configuration. And the device, witch does not know about such a configuration option, somehow interprets this as "hip-profile is a duplicate node". However it also reports back "rules is invalid". I've no idea yet to fix it. I have do overwrite new changes on the firewall directly because I am not able to push this template from panorama. You can easily proove it by using a configuration previev. --edit we were able to work arround things. this issue seems just to effect for cloned rules. you can delete these lines from panoama cli before commiting to the firewalls.
... View more
LEGAL NOTICES
Copyright 2007 - 2023 - Palo Alto Networks