Forum Discussion

Felix888_164906
Nov 21, 2014

Can anyone help to troubleshoot this tmsh command for Firewall security policy setup?

I have tried many times to set up the firewall policy in TMSH, but I keep getting an error.
Basically I have set up the rules, but want to set up the policy with TMSH:
 create /security firewall policy Internal-Network-Security description "Internal-Network-Security in DC" rules add {DMZ-Security {description "DMZ Outbound Security in DC" rule-list DMZ-OUT-Traffic place-after}} {LAN-Security {description  "LAN Outbound Traffic in DC" rule-list LAN-OUT-Traffic place-after}} {Join-Domain-Security {description "Join-Domain-DCs Security in DC" rule-list Join-Domain-DCs place-after}}}
 LTM responds: Syntax Error: one or more configuration identifiers must be provided

 Thanks

2 Replies

  • I understand you have to specify a rule action. Additionally, since you are creating a policy, you may have to add rules one at a time.

    e.g.

    root@(bigip)(cfg-sync Standalone)(/S1-green-P:Active)(/Common)(tmos)# create security firewall policy Internal-Network-Security rules add { DMZ-Security { action accept place-before first }}
    
    root@(bigip)(cfg-sync Standalone)(/S1-green-P:Active)(/Common)(tmos)# list security firewall policy Internal-Network-Security
    security firewall policy Internal-Network-Security {
        rules {
            DMZ-Security {
                action accept
            }
        }
    }
    
  • I'm so sorry to get back to you so late, nitass, as I was out traveling. You are right about the rule. But since there are so many options in the commands for rules, I use the GUI to set up the rules, but I may practise more with TMSH.