I try to backup all the device states of firewalls managed by a Panorama, and to download these device states on the server where the script is run.
When I try to backup using the firewall API itself, it is working (the output file is indeed the device state).
When I try to backup using the Panorama API (with the serial number of the firewall in my command line), the output is an XML file stating that the device state has been created successfully.
I can across an old post describing the very same issue:
Are there now some options to achieve this goal? Or are there other automatic options to save all device states at once on a regular basis? I'd like to avoid direct access to firewalls (because of closed firewall ports and/or permissions).
It can be done but it's rather awkward. The trick is to transform the CLI command to run as an XML request in this format:
CLI: scp export configuration from MyBackup.xml to user@<scphost>:/path
There probably exists examples of an uglier, more kludgy syntax than this but you'd have to reference 1970s mainframe manuals to find it. Why can't the command be fit between single tags? Be that as it may, if you are executing the commands against Panorama, you would want to append the "&target=device_serial_number" to the end of the request URL and iterate through the device serial numbers that Panorama manages.
I was warned that my post has been changed because it claims there was invalid HTML in the body. The change isn't obvious to me so I hope what was posted is reasonably close to what I entered.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!