This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Static Routes not updating Panorama to Firewalls

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Static Routes not updating Panorama to Firewalls

Go to solution
Jatin.Singh
L3 Networker

‎09-10-2019 11:36 PM - edited ‎07-21-2020 12:24 AM

firewalls are not receiving the Static Routes added to Panorama.

Do these need to be entered manually in the Firewalls or how do we propagate these changes?

 

The Firewalls and Panorama are synched and other changes to Panorama are synched to the firewalls when I commit.

The Static Routes are not synching even though I have committed the change.

 

No error all seems fine when we commit,  I thought this was completed and checked the firewalls only to find the Static Routes had not synched.

 

 

0 Likes Likes
1 accepted solution

Accepted Solutions

Go to solution
BatD
L4 Transporter

‎09-11-2019 12:58 AM

@Jatin.Singh You need to select “Force Template Values” when pushing the template config to the firewall.

Capture.PNG

 

The issue is that the configuration object is in fact the whole Virtual Router and not the individual static routes. So if you had many any change to the VR locally on the firewall, the VR will be seen as  overridden and no new Panorama template changes will be applied to the it, unless you select to force template values. However be aware that will override any overlapping local firewall changes.

View solution in original post

(1)
3 REPLIES 3

Go to solution
BatD
L4 Transporter

‎09-11-2019 12:58 AM

@Jatin.Singh You need to select “Force Template Values” when pushing the template config to the firewall.

Capture.PNG

 

The issue is that the configuration object is in fact the whole Virtual Router and not the individual static routes. So if you had many any change to the VR locally on the firewall, the VR will be seen as  overridden and no new Panorama template changes will be applied to the it, unless you select to force template values. However be aware that will override any overlapping local firewall changes.

(1)

Go to solution
Jatin.Singh
L3 Networker
In response to BatD

‎09-11-2019 05:04 PM

@BatD Thank you very much

 

found a KB in relation to it aswell

 

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000Clh7CAC

0 Likes Likes

Go to solution
BatD
L4 Transporter
In response to Jatin.Singh

‎09-11-2019 11:33 PM

@Jatin.Singh Yes, this is what I was trying to explain. You either manage the routes in Panorama templpate or localally on the firewall for the same VR. You can't mix the two and to fix it you will need to decide which routes do you need to keep. 

0 Likes Likes
  • 1 accepted solution
  • 6434 Views
  • 3 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks