Hi Jan, I tried earlier to modify the existing security rule without re-running the Ansible playbook of existing security rule and adding into it the required objects but it was no success. Is it possible by using gathered_filter="*" in task for existing security rule and creating next task for adding the new address object in source or destination or service as per our requirement. This will avoid using playbook of existing security rule when we need to add source or destination or service object in existing security rule. This will help if we have rule in which we have too many address objects in all fields.I tried this but its successful not sure I am missing anything. In my case when first task is executed to fetch the details of existing security rule it changes the existing security rule making all fields "any". Exploring this now through xpath script. Let me know if you have any solution to this. Appreciate your work for explaining the Ansible.
Hi,
How do I commit and push from management server (panorama )to the firewall devices
Hi Jan,
I tried earlier to modify the existing security rule without re-running the Ansible playbook of existing security rule and adding into it the required objects but it was no success. Is it possible by using gathered_filter="*" in task for existing security rule and creating next task for adding the new address object in source or destination or service as per our requirement.
This will avoid using playbook of existing security rule when we need to add source or destination or service object in existing security rule. This will help if we have rule in which we have too many address objects in all fields.I tried this but its successful not sure I am missing anything. In my case when first task is executed to fetch the details of existing security rule it changes the existing security rule making all fields "any".
Exploring this now through xpath script.
Let me know if you have any solution to this.
Appreciate your work for explaining the Ansible.
Hello, this is very nice issue, let me try to lab it and come back to you probably in next few days. Jan
@@janblahuta any solution on this issue.