This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

I need to add a vsys to migrating configuration in expedition

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

I need to add a vsys to migrating configuration in expedition

Kevin_Osemene
L1 Bithead

‎08-23-2023 12:43 PM

Hello all,

 

I am migrating a Juniper SRX to an existing Palo Alto firewall that is managed by Panorama. I have an Expedition instance able to read the Panorama and attached devices via API. My thinking is to separate the two firewall configurations into two separate logical entities, vsys1 would be for the existing Palo Alto firewall configs, vsys2 would be for the SRX configurations. I have both the Palo Alto and SRX configurations loaded into expedition but I try to add a new vsys under the device > virtual systems and then hit the + button but I don't get any option to add the vsys. Just a dropdown from the bottom bar which mentions something about templates. 

Untitled 2.jpg

I'm sure this is expected but I need some help getting past this. What steps am I missing?

0 Likes Likes
3 REPLIES 3

lychiang
L6 Presenter

‎08-23-2023 12:46 PM

Hi @Kevin_Osemene @I would suggest add device group , vsys and template in the panorama before you export it out and import it into the expedition. 

0 Likes Likes

Kevin_Osemene
L1 Bithead
In response to lychiang

‎08-23-2023 01:01 PM

Ok yeah that is what I was missing to keep these devices logically separated. But import/export is done with the API and I show the following:

Untitled 33.jpg

 

I have to pull in the entire panorama config to merge configuration. If I make the new DG/Template/vsys, I will still run into the same problem as before, no?

0 Likes Likes

dpuigdomenec
L4 Transporter
In response to Kevin_Osemene

‎09-04-2023 02:48 AM

Hi @Kevin_Osemene 

 

Once you move your migrated configuration to your created DG/Template/Vsys, you can import them to your device using load partial configuration command: https://docs.paloaltonetworks.com/pan-os/11-0/pan-os-cli-quick-start/use-the-cli/load-configurations...

 

Hope this helps,

 

Best regards,

 

David

0 Likes Likes
  • 1322 Views
  • 3 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks