01-04-2019 01:48 PM - edited 01-04-2019 01:51 PM
What is the purpose/consequence of a having a template with a default vsys set to either : vsys1 or None -
This is found under: panorama/templates/(specific template name)/Default VSYS/(option of vsys1 OR None)
I'm finding that our firewalls with multiple vsys defined, have the setting to "None". On our global templates (templates used across multiple firewalls in our panorama instance), which don't tie to a specific firewall, but are in the same stack, the setting is "vsys1", yet all firewalls and virtual systems still inherit these settings. I'm hearing that all firewalls have to have a vsys1(default vsys) in order to pass traffic locally. What I don't know is, is that vsys1 required to be set at the panorama level when you setup a new template, or can you set it to none?
Would setting our global templates to "None", have implications on our firewalls that don't have multiple vsys?
From another posted question on live:
What I am not sure is if you could have a multi-vsys firewall without vsys1.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
