Custom Filter for Security Policy Source and Destination


Changes to the LIVEcommunity experience are coming soon... Here's what you need to know.

L1 Bithead

Custom Filter for Security Policy Source and Destination

I have a use case where I need to search Security Policies based on the source or destination being in certain network ranges. The filters seem to work fine until the source or destination is an object of Type=IP Range or an address-group of Type=dynamic. Those two types of objects seem to get skipped over by the filter.


Is anyone aware of a different method to get around this?



Possibly related, anyone know what the search options of contains.recursive and equal.recursive do? I've tried playing around with them but I can't figure it out.



L4 Transporter

Best option will be use filter like below shown in screenshot:

source in network (yournetwork)


destination in network (yournetwork)

Screen Shot 2020-07-28 at 5.00.41 PM.png

L1 Bithead

Yea, that's what I've been doing and it works great. But it doesn't seem to match when the source or destination object is an ip range or a dynamic address-group.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!