Announcement

Collapse
No announcement yet.

Policy not shown until system is rebooted

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Policy not shown until system is rebooted

    General
    • Untangle version: 16.5.2
    • Platform: ESXi; 2x vCPU, 4GB RAM, 250GB disk

    Issue

    After creating a new policy and then rules to assign sessions to that policy, the Policy ID (i.e. policy name) will not show up for the assigned session until the system is rebooted. I can verify the sessions are assigned to the policy via these reports:
    • Reports --> Policy Manager --> All Events: New sessions will have the correct Policy Rule # but the Policy ID = None.
    • Reports --> Policy Manager --> Top Policy Usage: Graph shows session assigned to the Policy # (e.g. [1]) but the actual Policy ID is not shown.
    What is even stranger is that in the Session by Policy & Traffic By Policy reports, the sessions show as assigned to the desired policy but neither the Policy # nor ID are shown. The only way to tell the sessions were assigned is because there is a new colored wedge with no verbiage at all.

    I am using the most basic setup akin to the following:
    • Policy name: test-1
    • Rule: SourceIP = 192.168.1.1 --> test-1
    Thanks in advance for your feedback.

  • #2
    Curious. How long a time are you allowing before checking? The new Policy might take a few minutes to filter through to Reports, but it definitely doesn't require a reboot. It might be quicker to go to Apps > Reports > Status (the first tab that opens) and disable/re-enable the Reports app.

    It sounds like the new Policy/rules are working but the Reports & Sessions viewers take a little time to catch up; is that right?
    Græme Ravenscroft • Technical Marketing Engineer
    ('gram', like the unit of measurement)
    he/him
    Please don't reboot your NGFW.
    How can we make Arista ETM products better?

    Comment


    • #3
      It probably wont apply to already open sessions.

      Comment


      • #4
        Originally posted by donhwyo View Post
        It probably wont apply to already open sessions.
        Correct, but from OP's description it sounds like the policies are working as intended. It's just Reports data that's taking a while to show accurate information.
        Græme Ravenscroft • Technical Marketing Engineer
        ('gram', like the unit of measurement)
        he/him
        Please don't reboot your NGFW.
        How can we make Arista ETM products better?

        Comment


        • #5
          Hello gravenscroft & donhwyo - Thanks for your replies...

          Originally posted by gravenscroft View Post
          It's just Reports data that's taking a while to show accurate information.
          Well, to be honest, I'm not 100% sure if the sessions spun up after policy creation are assigned as expected. What I mean here is that it depends on which report is being viewed.

          For example, if looking at the Reports --> Policy Manager --> All Events​ report, then the sessions show a Policy ID of "None" which indicates that the sessions are not being assigned properly. But if looking at the Reports --> Policy Manager --> Top Policy Usage​ graph, then by virtue of the new Policy # appearing in the graph, and it being a non-zero quantity, then it is implied that the sessions are being assigned properly. It is important to note that in the latter case, only the Policy # is shown - not the Policy name (i.e. Policy ID).

          Originally posted by gravenscroft View Post
          Curious. How long a time are you allowing before checking?
          With the first instance, I waited over an hour after the first session was assigned to the new policy. However, since my initial post, I have had occasion to add more polices and in the most recent case, I waited upwards of 20 hours before rebooting.

          Comment

          Working...
          X