Hello,
For a PAN device connected with an LDAP server - is it possible to create an address group object containing users added with "Authentication profile: LDAP", using Ansible?
Thank you for your time.
Best regards.
What kind of least privilege account role would be needed for dagpusher.
Also can minemeld read registered IP's from a firewall and use it in dagpusher/EDL
Just curious if there is another way to do it, without spending money..
I am pulling DAG blocked IPs from physical PA boxes using a python script, and then i am thinking of printing the formatted output in csv. This CSV will be used by a powershell s
...
I have a simple script that used to work but not any longer. It now hangs during the "load_system_host_keys()". I have even tried using user parameters, which is commented out, but still it hangs. Any idea why it can't connect either via ssh key o
...
I am new to python. I am able to get results using op() method but not able to display or parse them to use meaningfully.
fw = pandevice.base.PanDevice('10.10.10.10',api_key='abcdefgh')
fwcmd = fw.op(cmd='show global-protect-gateway current-user',xm...
Hello,
I have three virtual machines, each hosting a PA Firewall. One VM - test one, has no SSL installed, the other two have a self-signed SSL certs installed. I can access the firewall web GUI on all three VMs using a web browser. When I run the fo
...
Hello,
I have a simple playbook adding/removing tags:
---
- name: 'Palo Alto PAN OS: Create a new tag object.'
hosts: all
connection: local
gather_facts: true
collections:
- paloaltonetworks.panos
pre_tasks:
- name: Get the sy...
Trying the API in browser. Clicking either submit or the URL give me error "show rule hit count op-command failed'
Tried on 5250 multi-vsys and 220, both on 8.1.8-h5
https://PA/api/?REST_API_TOKEN=111111111&type=op&cmd=%3Cshow%3E%3Crule-hit-count%...
Wondering if anyone has had any experience updating rules. I have approximately 700 or so rules that i need to add a security profile group to...
testing the following seems to basically overwrite anything not provided to 'any'
- name: update rules
...
Hi,
I would attribute specific rights to an key on my panorama.
However when i use curl command or simply the the url like https://firewall/api/?type=keygen&user=username&password=password
I get each time the same key, no matter the user used, it's al
...
Hi Guys,
I need to translate the base 'xml' config to 'ansible'.
I cannot locate any concrete information on doing the above:
- Management creation
- Policy definition
- Static Routes
- VPN i.e. Tunnel etc
etc
I am trying to setup a Policy Push for quiet traffic hours of the day. This would ensure that Admins need only to commit to Panorama and then the push occur during the night. The systems are heavily taxed throughout the day and a Scheduled Policy Pus
...
I have a very simple python script that uses ssh=paramiko.SSHClient(), ssh.connect (host, 22, user, password), stdin, stdout, stderr=ssh.exec_command(command), and for line in stdout.read().splitlines(): print(line).
When I set host, user, password a
...
Why am I not getting response when using pan.xapi vs panxapi.py?
from python interpretor:
api_sess = pan.xapi.PanXapi(hostname="10.209.32.33",api_username="myusername", api_password="mypassword",api_key='mykey')
api_sess..show(xpath = "/config/device
...
I did some work with pandevice and I am able to create new configuration in a Firewall, but struggling working with the existing Panorama configuration. Can you please help me with ideas for the below.
I need to move a firewall between panorama appl
...
