This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Enhanced Security Measures in Place:   To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.

Template Variables

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Template Variables

kalakai
L2 Linker

‎03-14-2019 01:55 PM - edited ‎03-14-2019 01:58 PM

I didn't find the documentation that helpful regarding template and template stack variables, so I'm writing this post that will hopefully help someone out with creating their first variable. In my example below, we used a template variable to change the next hop IP address in a static route used by the virtual router. Each branch had a different IP address for this static route. As long as Panorama is on version 8.1, variables can be applied to firewalls on a lower version. At the time of writing this, our Panorama was on 8.1 and our firewalls were on 8.0. The variables applied successfully since Panorama is handling the variable logic.

 

To create a template variable in Panorama:

1. Navigate to Panorama > Templates

2. Find the template you want to add a variable to

3. Click the "Manage..." link under the Variables column for that template

4. Click the Add button and name your variable

5. Select the type of variable

   a. You can apply a default value here or select "None" from the drop down list.

   b. IP Netmask was selected in this example

Template VariableTemplate Variable

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

6. [Example scenario] Navigate to Network > Virtual Routers

7. [Example scenario] Select the template you added the variable to

8. [Example scenario] Select the virtual router you want to edit

9. [Example scenario] Open the "Static Routes" tab

10. [Example scenario] Edit the static route, below Next Hop: IP Address select the variable you created earlier from the drop down list

Using the variableUsing the variable

 

 

 

 

 

 

 

 

 

 

 

11. Navigate to Panorama > Managed Devices > Summary

12. Find the firewall(s) you want to add a variable to and click the "Create" link under the Variables column

   a. "Create" will change to "Edit" if you already have a variable applied here

   b. If you want to clone a variable definition, select "Yes", if not select "No". I selected No in this example since it was the first variable we have created so there was nothing to clone from

13. The variable you created earlier will be displayed in the list here

14. Click on the variable you want to edit

15. Enter the value you want to apply to this specific firewall

Entering the firewall specific valueEntering the firewall specific value

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

16. Click OK and then Close

17. Repeat steps 12 - 16 for each firewall you want a variable applied to

18. Commit the changes

2 people had this problem.
2 REPLIES 2

reaper
Cyber Elite
Cyber Elite

‎03-15-2019 06:56 AM

Awesome!

 

thanks for this!

Tom Piens
PANgurus - Strata specialist; config reviews, policy optimization
0 Likes Likes

BobSpencer
L0 Member

‎10-09-2019 11:41 AM

While this is helpful, I'm having a problem.  I need to use that same variable you created in your example for a virtual router address, however I also need to use that same address in a Policy Based Forwarding Rule.  I cannot figure out how to apply those variables to anything within Policies.

0 Likes Likes
  • 8063 Views
  • 2 replies
  • 5 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks