IP-address is considered to be invalid in PBF policy as a forwarding next hop in ansible

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

IP-address is considered to be invalid in PBF policy as a forwarding next hop in ansible

L1 Bithead

hi ,

 

i'm trying to create PBF using ansible module , but looks like it doesn't take "forward_next_hop_type" doesnt take a value as a "ip-address" and even "forward_next_hop_value" doesnt considered as given in task...

 

ansible-task:

 

- name: pbf policy
panos_pbf_rule:
provider: '{{ provider }}'
name: '{{ vendor_name }}_AWS-VPN-PBF-1'
from_value: ['SR1_Zone']
destination_addresses: ["{{ object.results[0].before.name }}","{{ object.results[1].before.name }}"]
action: 'forward'
forward_egress_interface: 'tunnel.1'
forward_next_hop_type: 'ip-address'
forward_monitor_profile: 'Default_AWS-tunnelmonitor'
forward_monitor_ip_address: '4.4.4.4'
forward_next_hop_value: ['{{ tunnel_address_1 }}']

3 REPLIES 3

L5 Sessionator

Hi @Bhargav_2784

Is this a duplicate of the other question?

Thanks

Help the community: "Like" helpful comments, and click "Accept as Solution" if you found your answer 🙂

no this is new question..

Ok, well the answer is the same as the other question (https://live.paloaltonetworks.com/t5/automation-api-discussions/forward-next-hop-type-gets-failed-in...😞

 

Per the docs, the value for "forward_next_hop_value" needs to be a string, not a list of strings. Therefore change

forward_next_hop_value: ['{{ tunnel_address_1 }}']

to

forward_next_hop_value: '{{ tunnel_address_1 }}'

 

Hope that helps!

Help the community: "Like" helpful comments, and click "Accept as Solution" if you found your answer 🙂
  • 1297 Views
  • 3 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!