This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Creating a Vsys/VR via CLI

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Creating a Vsys/VR via CLI

dwmaas
L2 Linker

‎03-26-2018 02:03 PM

Does anyone have a script or a way to implement a new virtural firewall and virtual router via the cli? Does not have to be automatic but would like to get to that point? I have a couple dozen to implement and looking for a quicker way vs via gui.

Thank you

David

0 Likes Likes
5 REPLIES 5

toquothty
L1 Bithead

‎06-20-2018 12:49 PM

@dwmaas are you still looking for this? I have been working on a script to create full tenants via vsys creation and could share that portion of the script if you're still looking

0 Likes Likes

dwmaas
L2 Linker
In response to toquothty

‎06-20-2018 01:47 PM

Hi,

Yes still looking, just dropped down in priorty on my list. But that would be fantastic if you could share what you have.

Thank you

David

0 Likes Likes

btorresgil
L4 Transporter

‎06-21-2018 08:25 AM - edited ‎06-21-2018 08:27 AM

Why use CLI?  If you're going for automation, API is usually a much better option.  You could use any of our API libraries to do this quickly.  Here's an example using the Palo Alto Networks Device Framework:

 

from pandevice import firewall, device

fw = firewall.Firewall('10.0.1.1', 'admin', 'password', vsys=None)

fw.add(device.Vsys('vsys2', 'My New Vsys1')).create()
fw.add(device.Vsys('vsys3', 'My New Vsys2')).create()
fw.add(device.Vsys('vsys4', 'My New Vsys3')).create()
fw.add(device.Vsys('vsys5', 'My New Vsys4')).create()

fw.commit()

That creates 4 vsys on the firewall.  If you need vsys each with their own virtual router you'd do something like this:

 

from pandevice import firewall, network, device

fw = firewall.Firewall('10.0.1.1', 'admin', 'password', vsys=None)

vr2 = fw.add(network.VirtualRouter('vsys2-vr')
vsys2 = fw.add(device.Vsys('vsys2', 'My New Vsys2'), virtual_routers=[vr2])

vr2.create()
vsys2.create()

fw.commit()

That would give you a new virtual router in a new vsys.

 

More information:

https://live.paloaltonetworks.com/deviceframework
http://pandevice.readthedocs.io/en/latest/usage.html#working-with-virtual-system
http://pandevice.readthedocs.io/en/latest/module-device.html#pandevice.device.Vsys

toquothty
L1 Bithead
In response to btorresgil

‎06-21-2018 01:38 PM

@btorresgil This is why it's nice to see others work sometimes. I had a very similar thing to part two I was going to share, but I was defining my variable, then adding it in another line and then creating it in another line. I hadn't even thought about that I could be slimming it down to one line for the add and create!

0 Likes Likes

dwmaas
L2 Linker
In response to btorresgil

‎06-21-2018 01:45 PM

Thank you very much, this would work out super, we do what to automate the entire vsys/vr and bgp router configs. So it is not done manually.

 

0 Likes Likes
  • 5085 Views
  • 5 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks