change the name on a GP portal and gateway

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Palo Alto Networks Approved
Palo Alto Networks Approved
Community Expert Verified
Community Expert Verified

change the name on a GP portal and gateway

L4 Transporter

Is is possible to rename an repurpose a global protect portal and gateway? I have one named student that is not being used but I want to repurpose the IP's and save myself from rebuilding a new one by just renaming and reusing student portal and gateway  but the name is greyed out

11 REPLIES 11

L6 Presenter

Hi,

 

Just tested and don't think it is possible for me as well. At least through the GUI 

bummer I will probably have to delete and re-create it with a new name

L4 Transporter

Hi jprovine,

 

You can change the name in the configuration xml file.

I followed these steps:

1) Save named configuration snapshot

2) Export the saved file

3) Edit the name in the notepad++

4) Import the configuration snapshot

5) Load this configuration snapshot

6) Commit

 

Hope this helps.

 

Regards,

Anurag

================================================================
ACE 7.0, 8.0, PCNSE 7

interesting approach, thanks for the option

XML nice and tweakable, you definitely need this option when doing migration from the different hardware range. 

Cyber Elite
Cyber Elite

Hi @jdprovine ,

 

The rename command on the CLI (in configuration mode) will do it.  You will need to rename the Gateway-N in addition to the Portal and Gateway.

 

Thanks,

 

Tom

Help the community: Like helpful comments and mark solutions.

L3 Networker

Hello,

If your are using wildcard certificate in portal config you can use multiple fqdn for one portal.

Example: *.acme.com certificate used for portal and gateway certificate profile so you can use;

vpn1.acme.com

vpn2.acme.com

vpnN.acme.com

 

for the same gateway and portal config.

 

UP

L1 Bithead

You can change Global Protect Portal/Gateway names via CLI.

The steps I followed and worked for me are,

1) Pull the "Show" output from Panorama CLI in set output format.

Example:

panorama> set cli config-output-format set
panorama> configure
Entering configuration mode
[edit]
panorama# show
This will provide Panorama configuration in a "set" format.

2) Next look for the Global Protect Portal/Gateway name you want to modify in the output and replace the "set" with" rename"

Example:

panorama# rename template <template name> config vsys <vsys name> global-protect-portal/global-protect-gateway <old name> to <new name>

Thanks,
Anurag

This worked.  I'm not seeing any users under "Remote Users" now, though connections work fine.  

 

Once I did a commit, Remote Users began showing up.

This process worked well for me. One issue I had was the dependency on my tunnel interface. When attempting to commit to the firewall nodes I receive an error that the tunnel interface is already in use. I'm guessing this wouldn't happen without the tunnel functionality enabled on the gateway. I haven't tried updating the tunnel configuration via the same rename commands yet.

  • 7970 Views
  • 11 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!