Description
This article describes the case when the address group configured does not appear in the static route configuration; however, the address object is available.
Scope
6.0.x Onwards.
Solution
In certain cases address group configured does not appear in the static route configuration; however the address object is available.
Make sure all the address objects called in that address group must have 'set allow-routing enable' in the configuration. Also 'set allow-routing enable' should be enabled for the address group as well.
To check the configuration for the address object and address group, use the below CLI commands:
sh firewall address "address-object-name"
sh firewall addrgrp "address-group-name"
Through GUI it can be checked using the below:
'Policy & Objects -> Addresses': select the 'address object' which is part of 'address group' and in that 'Static route configuration' must be enabled.
Also, enable 'Static route configuration' for 'address group' as well, then only address-group-name will show in the Static Route list.
