Hi all,
I've created a lab to test this script. I've two MGMT R80.40 with a FW and a policy for each. I have the access, threat prevention and https inspection layer in each policy.
During my tests the export part is OK but not the import part.
The export part:
Exporting HTTPS layers
Exporting HTTPS Layer [Https_Isnpection_source]
Retrieved 2 out of 2 rules (100%)
Processing https rules and sections
Exporting https rules from layer [Https_Isnpection_source]
Exporting https sections from layer [Https_Isnpection_source]
Exporting https placeholders for unexportable objects from layer [Https_Isnpection_source]
Exporting https layer settings of layer [Https_Isnpection_source]
Done exporting https layer 'Https_Isnpection_source'.
I've check the tgz file and everything seems OK. I've a csv file to describe the layer and a tgz file with the rules.
During the export there is a first problem, the import script log say that the SSL layer is a shared one but it's not:
Adding https-layers
Failed to import https-layer with name [Https_Isnpection_source]. Error: code: generic_err_invalid_parameter_name
message: Unrecognized parameter [shared]
at the end of the log another
Importing Https_Layer [Https_Isnpection_source]
The version of the imported package doesn't exist in this machine! import with this machines latest version.
Adding https-rules
Failed to import https-rule. Error: code: generic_err_object_not_found
message: Requested object [Https_Isnpection_source] not found -------> first rule of the layer without a name
Failed to import https-rule with name [dede]. Error: code: generic_err_object_not_found
message: Requested object [Https_Isnpection_source] not found-------> second rule of the layer with a name (dede)
Failed to attach layers to package! Error: code: generic_err_object_not_found
message: Requested object [Https_Isnpection_source] not found
. Import operation aborted.
Does anyone have already export and import policy with SSL inspection rule? Does someone has a tip to do the work ?
Thanks
BBJ