Using implicit objects from SMC
By default, the SMC object database contains Firewall_xx and Network_xx objects, which correspond to network interfaces on managed firewalls, e.g., Firewall_in and Firewall_out.
These implicit objects do not have defined values, and are not deployed by SMC on firewalls.
Other implicit objects can be created manually. They have to correspond to a known interface when they are used in a firewall's configuration. In the configuration, their values will be replaced with the address of the network interface on the firewall with the same name. If none of the network interfaces on the firewall have the same name, the deployment of the configuration will fail.
If you rename the network interface on a firewall locally or through SMC when it manages network configuration, the corresponding objects Firewall_xx and Network_xx will neither be automatically renamed on SMC nor updated in the rules or policies in which they are used. We recommend that you perform this configuration manually to prevent configuration errors. We recommend following the steps below when your firewall's network is managed by SMC:
-
Locally on the firewall in question, change the name of the interface,
-
On SMC, force the retrieval of the interface and routing configuration from the menu System > Configuration in the firewall settings,
-
On SMC, create the Firewall_xx and/or Network_xx objects that bear the new interface name.
-
If the previous implicit objects that bear the former names are used in the configuration of the firewall in question, replace them with the new objects.
-
Deploy the configuration.