Add URL for SSL Decryption from Panorama for multiples device

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Add URL for SSL Decryption from Panorama for multiples device

L3 Networker

Hello ,

 

I need add several URLs for SSL Decryption  for multiples device and I wanted do it from Panorama to avoid having to access the firewall one by one,

 

Any idea? Can I create any template or similar only for it?

 

Regards

3 REPLIES 3

L4 Transporter

Hi

 

I think the easiest way to do this is to use a 'Custom URL Category' object (under 'objects' tab) and place the URLs there one by one.

Then in the SSL decryption policy you can call this URL Category.

 

You can create this object as 'shared' by placing a check mark when creating the object. A Shared object is visible on ALL firewalls.

Or you can create this object in a Parent Device Group and it will filter down to all child device groups and firewalls.

 

If you are referring to SSL decryption exclusion - then add them under a template in 'Device'->'Certificate Management'->'SSL Decryption Exclusion' and again place a check mark on 'shared' so all firewalls will receive these.

 

Note that you need the firewalls to be Panorama managed for above to work.

 

Hope this helps,

Shai

Hello,

and another question

can we have several templates for different configurations or can only 1 device be associated to 1 template?
On the other hand if I delete the template from the panorama the configuration applied to the device members of that template is deleted?

Thank you

L4 Transporter

Hi

 

A device, or devices, are associated to template stacks. Template/s are associated to a template stack. All template values are pushed to the device/s. In this manner you can have a template for general values and another one more specific and they will combine to one set of values on the device.

 

On a firewall under device->setup->Panorama you can delete it's panorama association and choose to save a local copy of the values or not. Note that if you do this you'll have to re-associate it to the Panorama later if more changes needed.

 

If you delete template values the firewall/s associated to the template will have the values deleted from them.

 

Shai

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!