Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
LuisTR
Participant

Security Zone object are not attached to any interface

My client has deployed a ClusterXL R81.10 Load Sharing, with Take_22. Its policies manage it with Zones through Inline Layer, and so it was working perfectly. And each vlan or subinterface of the Firewall is attached with a Security Zone.

interface_security_zone.png

rules.png

 

Over time, a new vlan or subinterface (bond2.12) attached to the Security Zone called "DesktopVirtuales_SegNvl" was added where, when policies are installed, there is an installation error indicating that the zone is not attached to any interface.

installation_error.png

error_message.png

 

Here we can see that the "DesktopVirtuales_SegNvl" zone is attached to the bond2.12 vlan or subinterface.

vlan_subinterface.png

 

Does anyone know how to fix this error?

Regards

0 Kudos
7 Replies
Chris_Atkinson
Employee Employee
Employee

Hi Luis,

Two suggestions for you:

1. Please review sk177129 to see if it helps with your scenario

2. Attempt to disable accelerated policy install temporarily per sk168055

CCSM R77/R80/ELITE
the_rock
Legend
Legend

I find solution in that sk very odd for this issue...would not workaround described simply cause a failover from dashboard??

0 Kudos
LuisTR
Participant

Thanks for your response Chris. Regarding your suggestions:

1. Does not apply to my client's scenario.

2. I couldn't validate said sk168055 but I'll keep it in mind.

 

I was able to perform a kind of workaround or artifice to be able to temporarily solve the problem of installing policies.

What I did was:

- Disassociate or remove the Security Zone check "DesktopVirtuales_SegNvl" from the bond2.12 subinterface.

Screenshot_2.png

 

Then just Post. And then I re-attached it or placed the Security Zone check.

Finally, I published and installed policies. And it was installed successfully.

 

But it seems that this policy installation problem occurs every so often.

Does anybody know what is it due to?

What could be a definitive solution?

0 Kudos
Marcel_Gramalla
Advisor

Is this error only happening on accelerated installs? I already said that if this is the case you can get a hotfix for that as this is a bug on the management server. You can open a support case and request a fix for that or just wait a few months to get that fixed (not yet included in Ongoing Take 38). The bug id to look at is: PRHF-22326 (I hope I'm allowed to share that).

LuisTR
Participant

Hi Marcel, thanks for your reply.

Yes, the policy installation is an accelerated installation.

So, is it a bug of the Security Management Server but not of the Security Gateway?

Is there public information with the bug id  PRHF-22326?

 

0 Kudos
Marcel_Gramalla
Advisor

Correct, the hotfix we received is for the management. There is no public info yet as from searching the knowledgebase. 

Marcel_Gramalla
Advisor

If this is only happening with an accelerated policy install there is a private hotfix available for the management server. 

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events