Linux, FreeBSD, Juniper, Cisco / Network security articles and troubleshooting guides
Register
FAQ
It is currently Tue Jun 06, 2023 7:25 am

ROOT ‹ Network Security & Routing & Switching ‹ Security, NAT, Policies, Screen, Flow, TCP ‹ SRX security policies: error: Failed to build dop for policy receive error: configuration check-out

Post a reply

SRX security policies: error: Failed to build dop for policy receive error: configuration check-out

« Previous topic | Next topic »
Author Message
mandrei99
Post  Post subject: SRX security policies: error: Failed to build dop for policy receive error: configuration check-out  |  Posted: Fri Jun 28, 2013 7:23 am

Joined: Tue Aug 04, 2009 9:16 am
Posts: 250

Offline
 

SRX security policies: error: Failed to build dop for policy receive error: configuration check-out

Following commit error can occur on the srx:

Code:
# commit
error: Failed to build dop for policy receive
error: configuration check-out failed


This is because one of my security policies contained the same target subnet/IPs in source/destination:

Code:
from-zone untrust to-zone vr1 {
    policy receive {
        match {
            source-address remote-net;
            destination-address remote-net;  <--HERE
            application any;
        }
        then {
            permit {
                tunnel {
                    ipsec-vpn vr1-to-vr1;
                    pair-policy send;
                }
            }
        }
    }
}



Top
Display posts from previous:  Sort by  
 E-mail friendPrint view
Post a reply

Topics related to - "SRX security policies: error: Failed to build dop for policy receive error: configuration check-out"
 Topics   Author   Replies   Views   Last post 
There are no new unread posts for this topic. NAT's CONFIGURATION IS NOT WORKING srx210

edFEes

4

3716

Tue Jun 07, 2016 3:49 pm

nosdefe View the latest post

There are no new unread posts for this topic. Juniper SRX testcase - How to block TCP SYN packets with data/segment bytes (strict-syn-check)

admin

0

3063

Tue Jun 19, 2012 8:38 am

admin View the latest post

 

Who is online
Users browsing this forum: No registered users and 0 guests
You can post new topics in this forum
You can reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum
Jump to:  
cronNews News Site map Site map SitemapIndex SitemapIndex RSS Feed RSS Feed Channel list Channel list


ROOT ‹ Network Security & Routing & Switching ‹ Security, NAT, Policies, Screen, Flow, TCP
Delete all board cookies | The team | All times are UTC - 5 hours [ DST ]



phpBB SEO