This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Palo Alto HA firewalls like for like replace

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Palo Alto HA firewalls like for like replace

New-Memeber
L1 Bithead

‎02-20-2024 07:11 AM

Hello Guys,

 

I have a project to replace palo alto with another two palos they are configured as HA and i want to get all the cli commands in one go and past it into the new firewalls ? will that work? 

who knows what is the command that we could do that please? 

0 Likes Likes
3 REPLIES 3

Alejandro_Hernandez
L4 Transporter

‎02-20-2024 02:03 PM

Hi @New-Memeber 

You will follow the next steps

 

Resolution

 

 

  1. Run the following command to view the configuration:
    • "set" format:    > set cli config-output-format set
    • "xml" format:   > set cli config-output-format xml
  2. Enter configure mode:  > configure
 
  1. Enter show to see the complete configuration. You can also view certain components, such as "show network interface".
     
Note: The output of show is not necessarily the sequence to execute the commands. A command that appears at the top may reference something defined later in the listing.

 

The following example demonstrates how to view a configuration in "set" format.

 

> set cli config-output-format set
> configure
Entering configuration mode
[edit]

# show

set mgt-config devices localhost.localdomain ip 127.0.0.1
set mgt-config user admin phash fnRL/G5lXVMug
set mgt-config user admin permissions role-based superuser yes

set zone L3-Trust network layer3 ethernet1/3
set zone L3-Trust network layer3 ethernet1/4
set zone L3-Trust network layer3 ethernet1/5
set zone L3-Trust enable-user-identification no

set rulebase security rules rule1 from any
set rulebase security rules rule1 to any
set rulebase security rules rule1 source any
set rulebase security rules rule1 destination any
set rulebase security rules rule1 service any
set rulebase security rules rule1 application any
set rulebase security rules rule1 action allow
PCSPI, PCNSCx3,PCNSEx4,, PCSAE,PCDRA, ISC2 CC
0 Likes Likes

New-Memeber
L1 Bithead
In response to Alejandro_Hernandez

‎02-20-2024 02:31 PM

Hello  Alejandro,

 

thank you for your reply.

 

I was talking about a command that would show the whole configurations after run show without keep entering the tap.

 

Also my second question are we able to see the passwords without been encrypted on the running config as we can see it on Cisco ASA please?

 
 
 
 
 
 
 
0 Likes Likes

Alejandro_Hernandez
L4 Transporter

‎02-20-2024 02:43 PM

About the passwords

How are Passwords Stored in the Configuration Files?

The passwords in configuration files are either stored as a salted hash or in encrypted form (AES-256).

 

Is it possible to recover the passwords?

It is not possible to recover the plain text versions of user passwords, pre-shared keys for IPSec, or private keys associated with certificates.

PCSPI, PCNSCx3,PCNSEx4,, PCSAE,PCDRA, ISC2 CC
0 Likes Likes
  • 568 Views
  • 3 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks