Potential issue with renaming FW groups

Started by EndiRabbit, Today at 01:12:23 PM

Hi,

I primarily use groups for setting policies for my configuration. In a test config running in Proxmox this morning, I tried to go back and sanitize some FW group names, changing three of them from

  • all_internal SEQ 11
  • priv_internal SEQ 9
  • iot_internal SEQ 9

to

  • GRP_all_int SEQ 11
  • GRP_priv_int SEQ 9
  • GRP_iot_int SEQ 9

After changing them in the test network and clicking [APPLY] (in the web GUI), access to the Internet went down (defined in rules in GRP_all_int). For reference, the GRP_all_int has general network rules to the Internet, and GRP_priv_int and GRP_iot_int have internal rules that are specific to the VLANs for the interfaces that make up each group. Then each interface has interface-specific FW rules and a final rule to block all other undefined network traffic as a catch-all.

I rebooted and reloaded the web admin interface, but no joy - couldn't access google.com. Traffic was hitting the catch-all rule. Not until I rolled back the names in the GUI and clicked [APPLY] was Internet access restored. Has anyone else encountered this issue by changing FW group names in the web GUI?