I am looking for a method to replicate the configuration of one of our virtual firewalls to a physical firewall through Panorama device-groups and templates.
Let me explain the setup:
We have a core firewall with multiple vsys enabled, and one of these vsys is our external (internet) vsys. Now due to capacity issues, we need to replace this external vsys with a physical PA-5260 firewall (different hostname). The configurations would remain the same as in the external vsys and after migration vsys will be shut.
All the firewalls in the environment are manged by Panorama. The current external vsys is part of an existing device-groups and templates. Now I am looking for the best way to replicate the configurations from the current vsys to the phsyical firewall during productions cutover.
Is there a method to copy the security policies, nats, firewall settings from the old vsys to the new firewall through device-group or templates and during prod cutover, shut down the vsys and re-cable to the phsyical firewall and have the same configurations on it?
Any help would be highly appreciated.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!