Forum Discussion
Felix888_164906
Nimbostratus
Nov 21, 2014
Can anyone help to troubleshoot this tmsh command for Firewall security policy setup?
I have tried many times to set up the firewall policy in TMSH, but I kept getting an error:
Basically I have set up the rules, but want to set up the policy with TMSH:
create /security firewall policy Internal-Network-Security description "Internal-Network-Security in DC" rules add {DMZ-Security {description "DMZ Outbound Security in DC" rule-list DMZ-OUT-Traffic place-after}} {LAN-Security {description "LAN Outbound Traffic in DC" rule-list LAN-OUT-Traffic place-after}} {Join-Domain-Security {description "Join-Domain-DCs Security in DC" rule-list Join-Domain-DCs place-after}}}
LTM responds: Syntax Error: one or more configuration identifiers must be provided
Thanks
2 Replies
- nitass
Employee
I understand you have to specify the rule action. Additionally, since you are creating the policy, you may have to add rules one at a time.
e.g.
root@(bigip)(cfg-sync Standalone)(/S1-green-P:Active)(/Common)(tmos) create security firewall policy Internal-Network-Security rules add { DMZ-Security { action accept place-before first }}
root@(bigip)(cfg-sync Standalone)(/S1-green-P:Active)(/Common)(tmos) list security firewall policy Internal-Network-Security
security firewall policy Internal-Network-Security {
    rules {
        DMZ-Security {
            action accept
        }
    }
}
- Felix888_164906
Nimbostratus
I'm so sorry to get back to you so late, nitass, as I was out for travel. You're right about the rule. But since there are so many options in commands for rules, I use the GUI to set up the rules, but I may practise more to use TMSH.