Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Bart_Leysen
Contributor

Export objects and import in the Global Domain

We have multiple domains, now i want to export some network objects and import them in the global domain because we want to use them on all the different domains.

This way we only need to change this in 1 place and not on all the different CMA's.

 

Thank you

Bart

0 Kudos
2 Replies
G_W_Albrecht
Legend
Legend

This can be achieved by defining these global objects in the Global Domain and using them in local Domains.

0 Kudos
Maarten_Sjouw
Champion
Champion

You can use the API to run these commands on a specific domain: show hosts and show networks, that output you can then be reworked to i.e. add g_ infront of the names and then add them to the global domain (do not use the domain option when you login with the mgmt_cli)
After publishing they are part of the global domain. reassign it and you will be able to use them within the domains.
When you also add some rules i.e. for access to your gateways from your standard SSH jumphost, you can also use a Dynamic global object. This object is a object that can be used in global rules and can be edited within the domain itself.
How does it work?
You create a Global Dynamic object in the Global policy, the name MUST end in _global i.e. Gateways_global
In the domain that you assign the global to you must create a object with the exact same name, so you create a simple network group named Gateways_global
Now in the domain you add the gateways that belong to that domain and push policy now the jumphost line will effectively give you the access from the jumhost to the gateways as you put it in the global rule.
Regards, Maarten
0 Kudos