Note that changing VIP IPs where port conflicts occur results in fail

JonTheNiceGuy / fortigate_policy

An Ansible Role to deliver FortiGate Firewall policy changes. THIS ROLE CAN BE DESTRUCTIVE - PLEASE ENSURE YOU HAVE A BACKUP OF YOUR CONFIG BEFORE USING THIS ROLE!

MIT License

2 stars 0 forks source link

Note that changing VIP IPs where port conflicts occur results in fail #3

Open JonTheNiceGuy opened 5 years ago

JonTheNiceGuy commented 5 years ago

If you have two VIP objects as follows:

vip_object_1:
  real_ip: 192.0.2.1
  vip_ip: 198.51.100.1
  real_port: 1111
  vip_port: 1111

vip_object_2:
  real_ip: 192.0.2.2
  vip_ip: 198.51.100.1
  real_port: 1111
  vip_port: 2222

And you want to swap the VIP Port assignment, you can only do this by entirely removing one or the other of the VIP ports (or re-assigning it to something entirely else first) and then moving the other.