Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
SimonMeadows
Participant

Network object import issues and any import issues

I have been trying to import a Cisco ASA config using the python script and after multiple attempts realised every time it hit network objects that already existed (match by IP, not name) it would not import the object but would also not map the object to the existing network object name.

This results in a whole bunch of rules that use those objects not importing because there is no mapping to the object name in the management database.

After a morning of debugging I discovered that at line 198 of smartconnector.py the indentation of the 'break' means the mapping code for network objects is never reached so requires an additional tab to push it into the preceding if statement. Then it works as expected.

 

I also note that there were a lot of rules failing on 'Requested object [any] not found'

It appears the file 'cp_objects.json' outputs names with any as "any" whereas the api seems to only accept "Any" after making this change to all "any"s in the file all rules import as expected.

0 Kudos
6 Replies
PhoneBoy
Admin
Admin

Both of these seem like simple fixes.
@Ofir_Shikolski I assume you're on top of this?

Ofir_Shikolski
Employee Alumnus
Employee Alumnus

Hi,

Thanks for the info.

We are not aware about this kind of issues - we will glad to get more information :

1. Which SmartMove version do you use?

2. Can you share with us the config file ?

3. What do you offer as solution for line 198? can you please commit a fix?

SimonMeadows
Participant

Hi,

1. Version 6.0.7927.19067

2. Unfortunately I don't have the time to redact the sensitive info at the moment.

3. Pull request #25

0 Kudos
SimonMeadows
Participant

I also found that the processGroupWithMembers function was not using the mapping of existing objects either.

I have added another commit to pull request #25

0 Kudos
SimonMeadows
Participant

Hi, I also found that when multiple subnets exist that cover an importing subnet, it maps to the first returned rather than only mapping to an exact match.

There is an additional commit in pull request #25 to fix it.

Ofir_Shikolski
Employee Alumnus
Employee Alumnus

Thanks a lot ! I merged it

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events