This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Shared Objects in Panorama

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Shared Objects in Panorama

MichaelPrensky
L1 Bithead

‎08-12-2019 06:06 PM

Is there a concept of shared objects at multiple levels in Panorama ?  For example, I can have a top level setting at the shared level which says password length is 15 characters and I want that to go to all firewalls.  What I need, is a second shared level beneath that (like at the template stack level) that says anything in "This template stack" has a particular "zone protection profile."  I know that you can add multiple templates to a template stack, but what I am trying to do is use some type of shared setting. 

 

In my case, each "zone" will be different depending on the template being used, but behind the scenes, the "zone protection profile" is the same across all templates.  

 

Everything I have read, says you have to copy the setting for "zone protection profile" for each template you plan on using it with.  I was just hoping I could put the "zone protection profile" settings at a lower shared area that could be utilized by multiple templates.


Michael

1 person had this problem.
0 Likes Likes
1 REPLY 1

BatD
L4 Transporter

‎09-13-2019 08:59 AM

@MichaelPrensky  I know it is an old pos,but t I have been struggling with the same issue and finally found that there is a solution to it.  

 

My understanding is that you want to use one zone protection profile across multiple templates with different zones. The solution is very simple, but a little bit hard to explain.

 

Let’s say that you have Stack1 with Template1 with Zone1 and Stack2 with Template2 with Zone2 and you create zone protection profile “SharedZP” in Tempalte1 and apply it to Zone1. You also create SharedZP in Tempalte2 and apply it to Zone2.

 

Now you create another template Template0 with zone protection profile named SharedZP in it. You add Template0 to the top of Stack1 and Stack2, so you have Stack1: Template0,Template1 and Stack2:Tempalte0,Tempalte2.  Any changes to SharedZP in Tempalte0 will be applied to all you stacks, as long as the zone protection profiles share the same name, because config in Tempalte0 will override the  SharedZP config in Tempalte1 and 2.

 

The result will be that any firewall assigned to Stack1 and Stack2 will have the template specific zones, but will zone protection profile configured in the shared Tempalte0.

 

I hope it makes sense and it is what you need. I tested it and it worked fine.

  • 2860 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks