query on shared object and shared group #######panorama######

cancel
Showing results for 
Search instead for 
Did you mean: 

query on shared object and shared group #######panorama######

L0 Member

Hi,

 

>We are creating a shared obj and shared group in panorama and committing to only one specific device group at the end.

>will it cause any trouble later in future while doing commit all ?

>Is it okay to do like that or will we face any difficulties  in future?

2 ACCEPTED SOLUTIONS

Accepted Solutions

L6 Presenter

@anil_y,

 

It shouldn't create any issues/difficulties in future. But if you're creating shared object or/group and pushing it on only specific device group, then device group policies for other managed gateways will show out-of-sync.

 

In future, if you make any changes to other out-of-sync managed gateways, then while pushing device group policy, shared objects or/groups will also get pushed to gateways along with the changes that you wanted to push.

 

Shared objects or/groups are normally created if you want to push all such objects on all Panorama managed gateways. So all such objects will get pushed on all gateways in one go.

 

If you want to push specific object on specific gateway, better you do not create is as shared one.

 

Hope it helps!

Mayur

Mayur S.

View solution in original post

@anil_y,

 

Yes, the settings that you're talking about is to avoid sharing unused objects.  In other words, only required objects will be pushed to managed gateways.

 

And regarding SNMP alert, normally SNMP configuration is part of template which is separate configuration of each managed gateway. If possible, please share error snap to get more clarity.

 

Mayur

Mayur S.

View solution in original post

3 REPLIES 3

L6 Presenter

@anil_y,

 

It shouldn't create any issues/difficulties in future. But if you're creating shared object or/group and pushing it on only specific device group, then device group policies for other managed gateways will show out-of-sync.

 

In future, if you make any changes to other out-of-sync managed gateways, then while pushing device group policy, shared objects or/groups will also get pushed to gateways along with the changes that you wanted to push.

 

Shared objects or/groups are normally created if you want to push all such objects on all Panorama managed gateways. So all such objects will get pushed on all gateways in one go.

 

If you want to push specific object on specific gateway, better you do not create is as shared one.

 

Hope it helps!

Mayur

Mayur S.

View solution in original post

Thanks mayur,

 

Also I have observed on panorama that there is an option to uncheck in panorama settins which push shared obj or groups to only gateways where they are used. If we try to push to other gateways we are getting an snmp alert which was configured by some other kinda pa snmp box.

 

 

@anil_y,

 

Yes, the settings that you're talking about is to avoid sharing unused objects.  In other words, only required objects will be pushed to managed gateways.

 

And regarding SNMP alert, normally SNMP configuration is part of template which is separate configuration of each managed gateway. If possible, please share error snap to get more clarity.

 

Mayur

Mayur S.

View solution in original post

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!