The information you are about to copy is INTERNAL!
DO NOT share it with anyone outside Check Point.
|
On rare cases, after upgrading a Multi-Domain Server from R77.30 to R80.X, some rules using objects with identical names are not matched
|
Technical Level
|
| Solution ID |
sk172165 |
| Technical Level |
|
| Product |
Multi-Domain Management |
| Version |
R80.10, R80.20, R80.30, R80.40 |
| Date Created |
01-Mar-2021
|
| Last Modified |
09-Mar-2021
|
Symptoms
-
After a Multi-Domain Server upgrade from R77 to R80.x, some traffic is not enforced for an object with an identical name to another object.
Cause
When upgrading a Multi-Domain Server from R77.30 to R80.X, if an object in the Global policy has the same name as an object in the local domain policy, and the global policy is assigned to the local domain - the Security Gateway only uses one of the objects and disregards the other.
Traffic for the disregarded object is not matched. If the disregarded object is the only object in the rule column, the rule will never be matched.
Solution
-
Immediately after the upgrade, check the 'name uniqueness' validation incident in the validation pane in the right side of SmartConsole.
- Rename one of the objects.
