Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

References from a Firewall Filter in a Logical System to Subordinate Objects

 

Resolution of References from a Firewall Filter to Subordinate Objects

If a firewall filter defined in a logical system references a subordinate object (for example, a policer or prefix list), that subordinate object must be defined within the firewall stanza of the same logical system. For example, if a firewall filter configuration references a policer, the firewall filter and the policer must be configured under the same [edit logical-systems logical-system-name firewall] hierarchy level.

This rule applies even if the same policer is configured under the main firewall configuration or if the same policer is configured as part of a firewall in another logical system.

Valid Reference from a Firewall Filter to a Subordinate Object

In this example, the firewall filter filter1 references the policer pol1. Both filter1 and pol1 are defined under the same firewall object. This configuration is valid. If pol1 had been defined under another firewall object, the configuration would not be valid.