S2S VPN creation with Ansible

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

S2S VPN creation with Ansible

L2 Linker

Hi All,

 

Any playbooks or example for VPN automation with ansible?

Can't find here anything related - http://panwansible.readthedocs.io/en/latest/index.html

 

If no, any plans on building a module for that?

 

Thanks

1 accepted solution

Accepted Solutions

Hi Mike,

 

We currently do not have any ansible playbooks that allow you to setup VPN's. We are working on a solution that might address this use case. Please stay tuned and we will notify once that is ready.
Thanks,

- Vinay 

View solution in original post

10 REPLIES 10

L4 Transporter
Hi Mike,

Are you interested in site to site VPN or GlobalProtect? Can you describe your use case so we know exactly what you want to accomplish?

Thanks!
-Brian

Hi,

 

I'm speaking about s2s VPN with creating all if its componets.

Hi Mike,

 

We currently do not have any ansible playbooks that allow you to setup VPN's. We are working on a solution that might address this use case. Please stay tuned and we will notify once that is ready.
Thanks,

- Vinay 

any luck with that one?

 

Thanks

We are looking for the same thing, basically a playbook that allows us to create the PAN side of the IPSEC tunnel.

The other end is AWS VGW, there are Ansible plugins for it but nothing for PAN. 

Has there been any further update for using Ansible to create S2S/B2B VPN Tunnel?
Can it be done through the API? 

Yes this can be done through the API. Additionally, we have made progress in implementing an ansible module for the creation of S2S VPN with AWS. This is currently under test and will be pushed out as soon as we complete that. 

 

Are you interested in these S2S VPN to AWS VGW or to Azure or to Palo Alto Networks GPCS? 

 

Thanks,

- Vinay

Hi Vinay,
Thanks for responding, right now I am interested in the S2S VPN, we are in the process of moving existing connections from an ASA to a PA-5220.  I am hoping that we can use Ansible for VPN in the same manner that it can be used for Sec Policies and Change Management.

Using Ansible For Firewall SEC Policy Change Management Process

We are interested in the PAN side of the IPSec tunnel. Ansible has modules for the AWS VGW or we can use the boto3. We want to be able to use Ansible modules instead of panxapi, please keep us posted

"Yes this can be done through the API"

 

Are there any examples of how this could be done available?

  • 1 accepted solution
  • 9574 Views
  • 10 replies
  • 1 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!