Hardware: 23500
Version: R81.10 Take 66 (both Gateway and Mgmt)
Summary: NAT rules were re-ordered. There was a hide NAT rule that is moved under 4 static NAT rules. No other changes made to the policy. Publish and push the policy. Found out that the firewall is using the old order of NAT rules. FW stat shows the correct time of policy push that was completed without any errors or warnings. The "rules.C' was showing the last modified date of the previous install not the last install (after re-ordering). Note that all ojects used in all the related NAT rules are local objects, not Global.
It was decided to disable all the relevant static and hide NAT rules (total of 5 rules), re-create the new rules above the disabled rules. After the policy is pushed, the correct order of rules took place and the rules.C file shows the last modified date.
Question is - why in first place a new policy not compiled or what causes where the new set of rules were ignored. Does the rule re-ordering warrant a new policy? Anyone else has similar experience, please share.