12-01-2021 01:22 PM
I need to replace all instances of a given IP address ( "Next Hop" address in the virtual router) with a different IP address.
How to do that trough Panorama?
Thank you in advance
12-01-2021 02:31 PM
Thank you for posting question @Adnan_SA
If your firewall is already managed by Panorama and all configuration under virtual router were configured by Panorama's Template, then you can just navigate in Panorama to: Templates > Network > Virtual Routers > Static Routes > change: Next Hop, then commit to Panorama and push to device > Templates and then select Template Stack to be bound to Firewall.
If your Firewall is managed by Panorama, but you are not using Template to manage virtual router configuration, you can still create a Template with new configuration under: Templates > Network > Virtual Routers > Static Routes > change: Next Hop, then you have 2 options to push this configuration:
- You can select: "Force Template Values", then all your locally configure virtual configuration will be replaced with what you have configured in Template. Proceed with caution while using this as all non Template defined configuration will wipe locally configured configuration causing outage or undesirable outcome. Here is corresponding KB: https://knowledgebase.paloaltonetworks.com/kcSArticleDetail?id=kA10g000000PMj1&refURL=http%3A%2F%2Fk...
- An alternative way is to proceed with the same configuration in Template, but do not select: "Force Template Values", then Template configuration will be pushed to manage Firewall, but will not be applied. This icon will be shown:
in local Firewall and you can click on this icon and override local configuration. In this way you are in control what gets overridden.
There are more ways to go around it, but this might be either overkill or not practical if you are aiming to change only single configuration.
Thank you Pavel. This is what I need.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!