Zone Creation W/ Python Device Framework

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Zone Creation W/ Python Device Framework

L1 Bithead

I am working on a script to do automation of new tenant builds. One thing I am having a tough time with is creating VLAN Zones because I need to assign them to the specifc VSYS/Location but don't seem to have a paramter to do that. I have been able to successfully add things under Objects and Policies to their specific VSYS, but this zone add is hanging me up. Here is an example of what I am trying to do:

 

fw = firewall.Firewall('127.0.0.1', 'user', 'pass', vsys="shared")
vsys1 = device.Vsys(name = 'vsys1', display_name = 'PRESENTATION')
fw.add(vsys1)
vsys1.create()
VLAN_zone = network.Zone(name = 'TEST_706', mode = 'layer3')
fw.add(VLAN_zone)
VLAN_zone.create()

 When I attempt to create the VLAN zone I get the following error:

 

Traceback (most recent call last):
File "C:/Users/ttoquothty/PycharmProjects/PaloAlto/IaaS.py", line 34, in <module>
VLAN_zone.create()
File "C:\Users\ttoquothty\PycharmProjects\PaloAlto\venv\lib\site-packages\pandevice\base.py", line 576, in create
device.active().xapi.set(self.xpath_short(), element, retry_on_peer=self.HA_SYNC)
File "C:\Users\ttoquothty\PycharmProjects\PaloAlto\venv\lib\site-packages\pandevice\base.py", line 3175, in method
raise the_exception
pandevice.errors.PanDeviceXapiError: Could not find schema node for xpath /config/shared/zone

1 accepted solution

Accepted Solutions

@gfreeman I think it is because in my 'fw' object I have the vsys set to 'shared'. Because looking more closely at the error I was getting it mentions it could not find the xpath for /config/shared/zone. I am on 0.6.3 for Pandevice so should be good there. 

 

This is my first go at anything automation related with the Palo (and also new-ish to Python), it's been pretty cool so far! 

View solution in original post

4 REPLIES 4

L1 Bithead

I figured out my issue and figured out I'd post a update in case someone stumbles across this with the same question.

 

instead of doing fw.add(VLAN_zone) my script for the Zone should have been:

 

VLAN_zone = network.Zone(name = 'TEST_706', mode = 'layer3')
vsys1.add(VLAN_zone)
VLAN_zone.create()

Using the vsys1 I established earlier to add the Zone. 

I'm glad that you got it working, but that should have worked.  I just tested it and it does indeed work for me (since there is no vsys specified in the `fw` object, it should default to `vsys1`).

 

I suspect your version of `pandevice` is older, and I'd recommend making sure you're running 0.6.0, which is currently the latest.

@gfreeman I think it is because in my 'fw' object I have the vsys set to 'shared'. Because looking more closely at the error I was getting it mentions it could not find the xpath for /config/shared/zone. I am on 0.6.3 for Pandevice so should be good there. 

 

This is my first go at anything automation related with the Palo (and also new-ish to Python), it's been pretty cool so far! 

Oops, missed that.  Yep, you're right 🙂

  • 1 accepted solution
  • 3670 Views
  • 4 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!