Automation/API Discussions

Loading partial configuration snapshot

Hello,

I am new to Palo Alto and its API, and I am a bit lost: I need to load a named configuration snapshot, which may be uploaded from a third party, without changing the

/config/shared/local-user-database-user-database entry.

I am currently download

Ansible problem - The task includes an option with an undefined variable. The error was: 'provider'

So i am very new to using ansible with Panorama/Palo Alto firewall. I am doing a test on my test lab pano to see if i can push test rule over to panorama. Here is my yml file

---
- name: Create test new rule playbook
hosts: all
connection: local

roles:
-

PAN firewall automation: A new thorough approach

Hi,

I would like to introduce a completely new thorough approach to the PAN firewall automation with you by sharing the part of my ongoing work. I would consider this as an equivalent of pandevice even though there are still a lot of work to be done.

test security policy from Panorama using pandevice

@gfreeman , @btorresgil 

Just checking can we use test security policy using Panorama  . In version 9 under GUI option i can see that ( Device grp ---> Policy )

I was trying using pandevice but getting exception error :

andevice\base.py", line 3486,

Manage On-prem IPSEC config with PAN TF provider

Here is my use-case,

We have a bunch of VPCs,VNETs in different cloud providers. When we spin up a VPC, we configure the VPN back to the on prem which is a Palo Alto firewall. The VPN configuration on the Palo alto firewall is manual.

I m wondering i

Building an Automation host in AWS

Hi All,

having just painfully struggled through getting my first ansible automation to work I figured I'd share my findings here for other total beginners. It turns out my fight wasn't about getting Ansible talking to the firewall but about getting An

Automating PANOS - the Ansible and Terraform "no question is too dumb" post

I'm currently in the process of teaching myself automation. Lots of things I end up beating my head against a wall over dumb stuff.

"How do I open the ~/.ssh directory so I can drop the private key in there for SSH?". Huh, who knew that it's not that

Configuring IPSEC VPN using API

Can someone help with ideas on how to configure a VPN via API?

Pulling interface and zone details for an IP using PAN device framework

@btorresgil and all ,

I am trying to pull interface and zone details for an IP using PAN device framework.

Could you please help me on this. My end goal is to run test_security match cmd to find if rule is allow or not .

Current i can do this using fw

Ansible beginner ping to PA firewall

I am new to ansible and i am trying to do a simple ping test to a host that i want to test. I enter the command "ansible all -m ping" and got this error

10.2x.x.x | UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: This