MX policy object issues after removing from template

ls08
Here to help

MX policy object issues after removing from template

Using a MX85 17.10.2 and ran into this issue. If I unbind a network from a template that is using and using VLANs in some firewall rules as policy objects ( the object has a D in a circle). The firewall rules will glitch out if I I edit and save the rules with VLAN objects. It looks like the VLAN rules are ignored and the firewall rules break. I can still add more rules with VLAN objects and save the changes, nowhere do I get an error for having VLAN objects in a network that is not on a template. My meraki switches lost network to meraki dashboard because of this weird firewall rules. The vlan that the switches use didn’t have any block rules to the web. Eventually I figured out it was the VLAN objects and I removed all the rules, saved the changes, refreshed and then created the rules using network objects and not VLANs. 

 

From the manual on objects:

 

Compatibility

Network Objects can be applied alongside our existing VLAN Objects used in Template Networks Firewall Rules.

VLAN Objects

VLAN Objects are solely used to represent Template created VLANs. They can only be created and modified within Template Network Firewall Rules. For additional information regarding VLAN Objects, please refer to:

1 REPLY 1
PhilipDAth
Kind of a big deal
Kind of a big deal

You will need to open a case with support about that bug.

 

You've managed to find a corner case that is rare.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels