Hi, I have a dozen firewalls scattered throughout the US. They are a mix of 5GT-ext's and SSG20's; we are in the process of upgrading.
I have received a list of IP addresses from DSS that are known threats and have added them as hosts in NSM. I put them all in a group in NSM and then started pushing them to my remote sites.
The problem is that on some of the FW's, old and new, I get an error doing the update from NSM.
Here is part of the job log:
Error Text:
Exception caught during Update Device:
The following parameters did not get updated to the device:
set group address untrust "DSS Advisory Threats"
set group address untrust "DSS Advisory Threats" add 195.20.225.152/32
set group address untrust "DSS Advisory Threats" add 65.107.166.125/32
set group address untrust "DSS Advisory Threats" add 204.11.167.30/32
set group address untrust "DSS Advisory Threats" add 65.113.119.140/32
set group address untrust "DSS Advisory Threats" add 218.38.34.33/32
set group address untrust "DSS Advisory Threats" add 65.113.119.158/32
set group address untrust "DSS Advisory Threats" add 61.107.82.134/32
set group address untrust "DSS Advisory Threats" add 165.132.195.205/32
set group address untrust "DSS Advisory Threats" add 65.254.5.210/32
set group address untrust "DSS Advisory Threats" add 67.109.132.215/32
set group address untrust "DSS Advisory Threats" add 211.233.36.125/32
set group address untrust "DSS Advi ...
Error Details:
No Details Available.
The entire list of threat objects is about 5 times that long.
At the end of the log I see this over and over for each object:
Sending configuration cli commands to device ...
Device error on command:
268 set group address untrust "DSS Advisory Threats" add 195.20.225.152/32
Group: Too many entries
...
Verifying configuration ...
Verification failed
The following parameters did not get updated to the device:
set group address untrust "DSS Advisory Threats"...
Is there a limit on 5GT's and SSG20's for the total amount of objects?
I noticed that my SSG550's at my main site don't have this problem.
Any help would be appreciated, I really need to block these.
Message Edited by DeaconZ on 03-05-2009 08:02 AM