Panorama - address object use in templates

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Panorama - address object use in templates

L2 Linker

In panorama I'm having to mark address objects as "shared" in order to access them in a template.  I'm curious if this is by design or if I've done something wrong.  This panorama install is brand new so I'm still learning and the firewalls I'm setting up are not live yet.  After I get this going I have other firewalls to import.

 

I have one device group with two firewalls in it.  The firewalls are active/active.  I have two template stacks, one for each firewall.  Each stack contains a "common" template with settings that are the same between both firewalls and a "specific" template for the settings are are specific to each firewall.  (The common one contains things like syslog server definitions, user-id, etc.  The specific ones contain interface definitions, etc)

 

Currently if I try to set an address object on an interface (in the specific template) I cannot select it from the drop down unless the address object is marked as shared.  I was hoping to keep the address objects for the interfaces only in the device group.  These templates are only for the firewalls in that device group.

2 REPLIES 2

L3 Networker

As far as I know, anything that is going to be used across multiple templates or device groups must be set as a shared object. I don't of any exceptions to this.

Thanks.  That's how it's working, I just wanted to make sure there wasn't a way around it before I got too far down that road.  I changed the setting in Panorama to keep it from syncing unused object to the firewall so at least the firewalls will have only used objects on them.  I'll just have to be careful on naming conventions in Panorama to keep from duplicating anything.

  • 2820 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!