S2S VPN creation with Ansible

Reply
L2 Linker

S2S VPN creation with Ansible

Hi All,

 

Any playbooks or example for VPN automation with ansible?

Can't find here anything related - http://panwansible.readthedocs.io/en/latest/index.html

 

If no, any plans on building a module for that?

 

Thanks

L4 Transporter

Re: Ansible VPN creation

Hi Mike,

Are you interested in site to site VPN or GlobalProtect? Can you describe your use case so we know exactly what you want to accomplish?

Thanks!
-Brian
Tags (2)
L2 Linker

Re: Ansible VPN creation

Hi,

 

I'm speaking about s2s VPN with creating all if its componets.

Highlighted
L2 Linker

Re: Ansible VPN creation

Hi Mike,

 

We currently do not have any ansible playbooks that allow you to setup VPN's. We are working on a solution that might address this use case. Please stay tuned and we will notify once that is ready.
Thanks,

- Vinay 

L2 Linker

Re: Ansible VPN creation

any luck with that one?

 

Thanks

L0 Member

Re: Ansible VPN creation

We are looking for the same thing, basically a playbook that allows us to create the PAN side of the IPSEC tunnel.

The other end is AWS VGW, there are Ansible plugins for it but nothing for PAN. 

L2 Linker

Re: Ansible VPN creation

Has there been any further update for using Ansible to create S2S/B2B VPN Tunnel?
Can it be done through the API? 

L2 Linker

Re: Ansible VPN creation

Yes this can be done through the API. Additionally, we have made progress in implementing an ansible module for the creation of S2S VPN with AWS. This is currently under test and will be pushed out as soon as we complete that. 

 

Are you interested in these S2S VPN to AWS VGW or to Azure or to Palo Alto Networks GPCS? 

 

Thanks,

- Vinay

L2 Linker

Re: Ansible VPN creation

Hi Vinay,
Thanks for responding, right now I am interested in the S2S VPN, we are in the process of moving existing connections from an ASA to a PA-5220.  I am hoping that we can use Ansible for VPN in the same manner that it can be used for Sec Policies and Change Management.

Using Ansible For Firewall SEC Policy Change Management Process

L0 Member

Re: Ansible VPN creation

We are interested in the PAN side of the IPSec tunnel. Ansible has modules for the AWS VGW or we can use the boto3. We want to be able to use Ansible modules instead of panxapi, please keep us posted
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!