CFM polcies order primery group and subgroups
We have a group and subgroups with many branch offices (Subgroup 1) and Headqueaters (Subgroup 2) they are at the same group. They have in particular rules that are for Block traffic to WAN excenarios and Allow connection to specific FQDN.... after this HQ and BO have their own set of rules for VPN purpose, WAF purpose, Web, App, etc etc
CFM groups:
Primary: Company name - Rules for general purpose (block traffic to wan o allow traffic to wan)
Subgroup: HQ - Rules for specific HQ purpose
Subgroup: BO - Rules for specific BO purpose
When we add a firewall on the subgroups they sync is putting the rules in the same order we see it on the policies editor of the Subgroup in the CFM. The order is Primary (medium transparent grey) and below the Rules for the Subgroup that you can add or edit.
But in the sync of the firewall we connected to the BO_Firewall we are testing this and we sow that the rules are not in the same order as the CFM Policies.
In the Firewall rules sets are Subgroups and them Primery group.
Subgroup rules:
Firewall Rules BO_FW:
Why the rule are not being upload to the BO_FW in the same order we see it at the Subgroup policies rules?
Added TAGs
[edited by: Raphael Alganes at 2:38 PM (GMT -8) on 19 Feb 2025]
Quote