Support object overrides for network objects

GeorgeVII
Here to help


Hello and thanks for having a look at my post.


As of now, Meraki does not support object overrides for network objects in the same way Cisco FMC does.


Network Objects in Meraki are centrally managed and shared across all networks in an organisation.

When a Network Object is modified, the change is reflected across all firewall rules that reference it.

There is no native override feature that allows you to customise a shared object per network or device like FMC does.


Will Meraki ever support the ability to define a shared object and then override its value on specific devices, allowing for device-specific customisation while maintaining centralised policy management?


Has anyone else ever thought that Meraki should provide the ability to override network objects?


How can we convince the devs to add this feature?


Thanks,

George

7 Replies
RWelch
Kind of a big deal

Give your feedback (previously Make a Wish) lets the Meraki teams know what you would like changed with our product and how that would help you.  Give them the use case in which it would benefit you or your networks.

If you found this post helpful, please give it Kudos. If my answer solves your problem please click Accept as Solution so others can benefit from it.
GeorgeVII
Here to help

Thank you RWelch! I will do that 🙂

PhilipDAth
Kind of a big deal

Personally, I hope they don't do this.

 

When I see an object, I would prefer it to be the same everywhere that I see it.  Otherwise, I'll have to keep checking for overrides.  🙂

GeorgeVII
Here to help

Thanks for having a look at my post and taking the time to reply, Philip.

 

When overrides for network objects are not allowed, managing multiple locations becomes challenging. If all offices share the same Layer 3 firewall rules, but you need to allow traffic from each office’s subnet specifically, you can’t leverage a template. This means that every time a rule needs to be added to all firewalls, for example, each firewall ruleset will need to be updated manually (or by leveraging the API).

 

 

PhilipDAth
Kind of a big deal

Did you know that template firewall rules allow you to reference VLANs (rather than subnets)?

[Image: PhilipDAth_0-1758225170164.png]

 

And even specific IP addresses (using the last part of the four-part address) inside the VLAN?

[Image: PhilipDAth_1-1758225218856.png]

 

This does require you to have nice, uniformly deployed networks.

 

>you need to allow traffic from each office’s subnet specifically,

 

Any chance of using a supernet to resolve this issue?

GeorgeVII
Here to help

Thanks so much for your reply Philip.

 

I was aware that VLANs can be referenced, but I didn’t realize this feature could be applied within a template—especially not with the option to specify an IP address inside the VLAN.

 

So, are you saying that Meraki is intelligent enough to automatically select the appropriate VLAN based on the network’s VLAN configuration?

PhilipDAth
Kind of a big deal

The name that you assign to the MX interface is the name that is used.
