03-13-2012 04:24 PM
Hey Guys,
I was curious if there was a way to run a command remotely via SSH to the PAN Device to dump configs.
I was thinking of a way to dump the output of "pa2050-1> show config running" to a flat file that I can hopefully do version checking on.
However, when trying the following SSH command, it seems to not work and hangs the connection up:
$ ssh user@pa2050-1.test 'show config running'
Is there another way to do it?
Let me know if you guys have tried anything similar.
Thanks.
Brian
03-13-2012 06:41 PM
PAN-perl contains a pancli program which allows remote command execution using ssh:
$ pancli -h 172.29.9.121 'show config running'|head
config {
shared {
ssl-decrypt {
ssl-exclude-cert ;
trusted-root-CA ;
}
application ;
application-group ;
service ;
service-group ;
PANCLI(1) User Contributed Perl Documentation PANCLI(1
NAME
pancli - command line program for remote execution of commands on
PAN-OS
SYNOPSIS
pancli [options] command
-l username:password
-h hostname
-D flag debug flag
-t tag .panrc tagname
-T seconds Expect match pattern timeout
command operational mode command
DESCRIPTION
pancli is used to remotely execute commands on a PAN-OS firewall and
display command output. It uses the PAN::CLI module to perform command
execution.
The commands are executed in operational mode; the
PAN::CLI::CLI_operational_mode_exec() method is used to execute the
commands.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
