Solved: Re: Unable to clone policy package in R80.20

Lijo_mathai · ‎2019-06-23

Hi, after upgrading to R80.20 and applying take 47, i am unable to clone the existing policy package. Is there anything i am missing. I checked there is no validation error for the name i used to clone, but still i am unable to clone the policy. Attached is the error i faced.

Lijo_mathai · ‎2019-07-03

Hi, I got update from TAC mentioning there was a special character in one of the policy in the policy package which they found using some proprietary tool, after removing that i was able to clone the policy package. Checkpoint should provide us a way to validate such errors locally so we can fix it without waiting for the solution.

This is just a suggestion.

Thanks

View solution in original post

PhoneBoy · ‎2019-06-26

We're you able to clone the package prior to installing Take 47?

Tal_Paz-Fridman · ‎2019-06-26

Hi

Can you please try removing the suggested Clone name (before starting the Clone process) and selecting something very generic, e.g. POLICY1

Tal

Lijo_mathai · ‎2019-06-27

Hi,I tried already, but still facing the same error

Lijo_mathai · ‎2019-07-03

Hi, I got update from TAC mentioning there was a special character in one of the policy in the policy package which they found using some proprietary tool, after removing that i was able to clone the policy package. Checkpoint should provide us a way to validate such errors locally so we can fix it without waiting for the solution.

This is just a suggestion.

Thanks

View solution in original post

PhoneBoy · ‎2019-07-03

Can you send me in a private message the SR in question?

Tal_Paz-Fridman · ‎2019-07-03

Please send it to me as well.

Thanks

Tal

Tal_Paz-Fridman · ‎2019-07-03

Hi

Can you check if sk153833 applies in your case?

sk153833 "The object name must not contain whitespace characters at the beginning or the end" message in SmartConsole

Tal

JanPokorny · ‎2019-07-10

Hello,

I am facing the same issue. Version R80.20 running in VMware. Any progress with this issue?

Tal_Paz-Fridman · ‎2019-07-10

Hi

Seems there is a specific tool that needs to be used to find the problematic location.

I suggest contacting TAC asking the same process to be followed (you can point them to this issue or SR 6-0001665721)

I will also ask for a dedicated SK for this issue.

Tal

Lijo_mathai · ‎2019-07-10

Hi, this is the same case ID that was raised for my issue by my vendor. Actually support have confirmed that in future this tool will be available for public use

Thanks

genisis__ · ‎2019-11-03

I have a similar issue.

We have R80.20 Provider with HFA103 installed. When attempting to clone a policy I get the following error message:

"Execution error during clone policy package"

JanPokorny · ‎2019-11-04

Hi, I resolved the issues with support. You need to get the latest version of cpdoctor and run a check. The check will output rules where is the problem. After renaming the rules everything is OK.

Be sure you get the latest version of CPdoctor. In the older version, it won't show you exactly which rule cause the problems.

genisis__ · ‎2019-11-04

Thanks will try this.

Colin_Tucker · ‎2019-12-02

Slightly late to the party on this one but just had the same error on R80.30. Client engaged TAC and ran cpdoctor, apparently didn't find any issues. Tried to check for non-unicode characters but also didn't see anything odd.

Using some of the other posts on here I created the following API command that could be useful for a quick check against policy;

[Expert@SMS01:0]# mgmt_cli show access-rulebase name "POLICY_NAME Network" limit 500 --root true --format json | $CPDIR/jq/jq '.rulebase[].rulebase[] | .["name"], .["comments"]' | -E '^"\s|\s"$'
"Site AP1450 SIC/Policy access "
"Monitoring (Videowalls) to FMS "

I've sanitised some of the output but run on our SMS the output shows several comments or rulenames that have whitespace characters at the end of lines.

I'm still waiting on confirmation that the policy can be cloned now. Will update again if any issues.

Douglas_Fujita · ‎2020-08-21

Hello,

I faced this issue today and as workaround I did the steps:

1 - Create a new temporary policy
2 - Select all rules on the original polic(the one that you want to clone) and copy it.
3 - Paste all rules on the temporary policy.

It will start to paste the rules and it will stop on the rule that has an issue. It will show the message "The object name must not contain whitespace characters at the beginning or the end". In my case, I had a poliy base of 390 rules and on rule 176, there was french character on the name of the rule.

I renamed the rule, published it, and after that I was able to clone the original policy.