Panoram and Clusters

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Panoram and Clusters

L4 Transporter

HI

 

Sort of asked this before, but with a couple more months of experienace, I am back again

 

So I have a cluster I want to manage with panorama

 

Object and polices work great... templates not so good.

 

So I have a cluster setup for Global protect, but I have to duplicate my certificates, interfaces and zones between 2 templates.  because things are linked to a router and I have 2 different routers with unique routerids and I have some unquiue stuff as well, the HA ip address, the management port << this includes a management port certifcate which comes from panorama.

 

so I am thinking I am going to move all the unique stuff into management from within the PA directly remove panorama completely.  then I have 1 template that address all the needs and I will only need to comfigure stuff once and not twice .

 

and I am thinking of moving away from unique names for my routers go back to using default, so when i create agg ports or other interfaces I can just assigne to default.

 

 

I find this a very big short coming of the template system for panorama.  atleast if when you used the interface it looked at the stack for references to things I it would make it easier ....

 

 

 

 

 

 

 

1 REPLY 1

L5 Sessionator

Hi,

 

Just take in consideration taht Panora ma aim is to simplify config deployment between "large" number of PA.

In your case, you have only one cluster. between cluster member, confif is replicated automatically.

Then, my opinion, if you have only on cluster, integrate them in the Panorama and for management, change of context.

 

In parallele, your panaorma allow you to consolidate all your logs.

 

The best is the ennemy of the good.

 

Rgds

 

V.

  • 1736 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!