- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
02-02-2024 09:02 AM - edited 02-02-2024 09:44 AM
I have configured a global-template on Panorama and added some settings to it such as Netflow, SMTP, SNMP and what have you. I have a template for the local pan called pan-template and a template-stack that contains both global and pan-template with pan-template at the top. The problem I am having is settings from global-template are not showing on the pan-template in panorama so I can't apply them. But when I look locally at the firewall I see the configuration and it says 'template-stack (read only).'
From my reading I believe I am doing this the right way but I am not able to see/apply anything from the global-template to the pan-template in order to push it down to the firewall itself. Should I be seeing the global-template settings on my pan-template, or will I not because the pan-template is above the global? And if that is the case what is the right way to do this so that all of my global-template settings can be applied to all of my firewalls via Panorama?
EDIT: I can't even apply the global-template settings locally on the firewall as they are 'template-stack (read only)' as well. So how the hell am I supposed to apply global-template settings to network interfaces that exist in the pan-template and template-stack?
EDIT-V2: If I override the interfaces in the template-stack I can add the netflow profile but why is that?
02-02-2024 12:08 PM - edited 02-02-2024 12:13 PM
Some pics to illustrate, fw-template has the interfaces but no netflow. My global-template has the netflow configuration but obviously no interfaces and the template_stack has both but set to read only. The template_stack has both the global-template and fw-specific templates applied with the fw-template at the top.
This doesn't seem right to me because it makes it so I can't apply any shared settings from the global-template to the firewall unless I override the template_stack. Can someone tell me how I am supposed to be doing this so that any settings that I want shared between templates can be applied to a device specific template?
02-04-2024 09:11 PM
Hello @drewdown
thanks for posting.
To be able to override template stack, you will have to click on "override" button located on the bottom of the screen, then template stack will be editable:
Kind Regards
Pavel
02-05-2024 12:05 PM - edited 02-05-2024 12:22 PM
Ok so I can override the network interface on the stack and that will allow me to apply the NETFLOW setting from my global template.
Thanks for your help @PavelK
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!