I noticed that in Policy & Objects there is at CLI Configurations > Objects > router some router objects like prefix-list and route-map.
This seems to achieve something when first wanting to use a prefix-list or route-map for example in the Device BGP configuration. But later changes in the Policy & Objects on that configuration don't seem to have an effect.
Did anyone work with this successfully? How did you make this work?
Based on my experience with 7.2.x FMG firmware, those routing protocol related config objects do NOT seem to be considered as a part of Policy Packeges. Therefore, even when you make a change in one of those objects under Policy & Objects page, the FMG wouldn't recognize a change happened to the managed FGTs that uses any of Policy Packages.
This is probably because none of policies refer to the routing configuration.
If you want to control/regulate those routing objects on FGTs by FMG, your option would be CLI templates/template groups, which is separately checked their "sync" status against the managed FGTs.
I don't know if this has changed with 7.4.x or 7.6.x. Somebody else should be able to provide info for newer versions.
Toshi
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
