Panorama - Template objects not shared by firewall cluster

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Panorama - Template objects not shared by firewall cluster

L1 Bithead

I added an existing firewall Active/Active Cluster with multiple Vsys into Panorama

 

Before the integration, some Device objects like "certificates" or "Local user database" were shared by the firewalls member of the cluster.

 

Now I need to create the objects twice times in each template of the firewalls. 

 

Is it possible to manage it like before and the object only one time?

Regards

1 accepted solution

Accepted Solutions

Cyber Elite
Cyber Elite

Thank you for the post @alemonnier

 

Yes, it is possible, but you might have to re-design your Template design. I would create 2 Template Stacks for each Firewall, then put on top of each Template Stack a Template with configuration for each Firewall. Template with configuration that is going to be shared by both Firewalls would be placed on the bottom of Template Stack.

 

Below is a sample:

 

Template stack 1
  Template with Firewall 1 specific configuration

  Template with general configuration

 

Template stack 2
  Template with Firewall 2 specific configuration

  Template with general configuration

 

After Templates/Template Stacks are created, assign each Firewall to own Template Stack. Each time you want to make configuration change for both Firewalls do the change in Template: "Template with general configuration". This will be inherited by all Templates in Template Stack.

 

Kind Regards

Pavel 

Help the community: Like helpful comments and mark solutions.

View solution in original post

2 REPLIES 2

Cyber Elite
Cyber Elite

Thank you for the post @alemonnier

 

Yes, it is possible, but you might have to re-design your Template design. I would create 2 Template Stacks for each Firewall, then put on top of each Template Stack a Template with configuration for each Firewall. Template with configuration that is going to be shared by both Firewalls would be placed on the bottom of Template Stack.

 

Below is a sample:

 

Template stack 1
  Template with Firewall 1 specific configuration

  Template with general configuration

 

Template stack 2
  Template with Firewall 2 specific configuration

  Template with general configuration

 

After Templates/Template Stacks are created, assign each Firewall to own Template Stack. Each time you want to make configuration change for both Firewalls do the change in Template: "Template with general configuration". This will be inherited by all Templates in Template Stack.

 

Kind Regards

Pavel 

Help the community: Like helpful comments and mark solutions.

L1 Bithead

Hello @PavelK 
Thanks for your answer.

I had this idea too but I was hoping that there was another solution 😅

Regards

Anthony

 

  • 1 accepted solution
  • 2221 Views
  • 2 replies
  • 1 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!