Support Center > Search Results > SecureKnowledge Details
Policy installation fails with "Database conversion failed" when using an empty group in a NAT rule Technical Level
  • Policy installation on R76 / R77 Security Management Server fails with "Database conversion failed".

  • Policy Verification might fail with the following errors related to Application Control rulebase (refer to sk66042):

    • app_rulebase_read_rules: error getting '##<NAME_OF_POLICY>' set
    • gen_appi_rulebase_tables: error getting application rules set
    • Failed to load application rulebase
    • Failed to generate the rulebase
    • Operation ended with errors.
  • Debug of FWM daemon (per sk86186) during policy installation shows:

    Group doesn't have any members, impossible!
    Failed to create group without ipv6 objects
    Failed to convert object in rule
    Failed to remove ipv6 objects from NAT rules

Starting in R76. new code was added to handle IPv6 traffic. This code assumes that it is not possible to have an empty group object in a NAT rule, disabled or not.

Note: To view this solution you need to Sign In .