vManage generate wrong configuration for custom control-policy
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-24-2019 06:27 AM
I'm playing with custom control-policies and CLI configuration generated based on "GUI process" is wrong. Relevant part of generated config here:
control-policy SC3-BR51 sequence 1 match tloc site-list HQ source-ip 0.0.0.0/0 << this row is generated but not accepted after applying policy ! action reject ! ! <cut> default-action accept !
Attempt of activating policy ends with syntax error "unknown source-ip ...". When I create the same custom control-policy without this row, everything works correct. I'm not able confugure "source-ip" in the GUI.
Step by step in "GUI" (based on some lab guide):
- Under Topology select Add Topology and choose Custom Control (Route & TLOC).
- Specify name and description (in my case SC3-BR51).
- Add Sequence Type and select TLOC. Add first sequence rule. Under Match choose
Site and select "HQ" site list. Default action – reject is suitable.
vManage and vSmart version is 18.4.0.
Any ideas?
--
martin
- Labels:
-
SD-WAN vManage

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-31-2019 11:59 AM
Hi Martin,
The addition of source 0.0.0.0/0 in the match condition of centralized policies built using the policy builder wizard was needed for some internal operation, however, unfortunately, it created an issue where matching was not occurring. There would not be an issue to activate a policy, but the policy may not have worked as expected... This sounds a little different from what you are describing, but nonetheless my suggestion would be to upgrade the controllers and routers to a later 18.4.x release if you want to stay on the 18.x train or to the 19.1 release.
Hope this helps.
David
@DavidKlebanov
