[rancid] Palo Alto Networks

Hughes, Doug Douglas.Hughes at DEShawResearch.com
Wed Oct 2 14:21:12 UTC 2013


I suspect you haven't added the mapping to your vendor table.
In rancid-fe, find the %vendortable hash (about 2/3 of the way down)

Add a line:
    'paloalto'          => 'panrancid',


I put mine in alphabetical order, just below netscreen.

From: Kishore Rajani [mailto:kams19 at gmail.com]
Sent: Wednesday, October 02, 2013 10:14 AM
To: Hughes, Doug
Cc: Ryan Milton; rancid-discuss at googlegroups.com; guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net
Subject: Re: [rancid] Palo Alto Networks

HI Doug,
Now that I have my remote site up, here are the logs that are generated by rancid-run:
exec failed router manufacturer paloalto: No such file or directory
exec failed router manufacturer paloalto: No such file or directory
exec failed router manufacturer paloalto: No such file or directory
exec failed router manufacturer paloalto: No such file or directory
exec failed router manufacturer paloalto: No such file or directory
exec failed router manufacturer paloalto: No such file or directory
exec failed router manufacturer paloalto: No such file or directory
exec failed router manufacturer paloalto: No such file or directory
Any idea where I could have been wrong. I have the panlogin and panrancid in the "/usr/local/rancid/bin/" directory. Also I have checked the router.db file and it has the config like:
FWL1:paloalto:up
FWL2:paloalto:up
FWL3:paloalto:up
FWL4:paloalto:up
FWL5:paloalto:up
Thanks and Regards,
Kishore

On 25 September 2013 06:48, Kishore Rajani <kams19 at gmail.com<mailto:kams19 at gmail.com>> wrote:
I will use them as soon as the remote site becomes available.. and will also let you know how did it go.

Appreciate your help.

Regards,
Kishore

On 25 September 2013 01:40, Hughes, Doug <Douglas.Hughes at deshawresearch.com<mailto:Douglas.Hughes at deshawresearch.com>> wrote:
I just sent you the latest versions. I'm the original creator. I can't say if the other version is older, but if they are different, use the ones I sent. (and make sure they are first in the path)

So you are saying when you run panrancid it doesn't create the config file for you?

From: Kishore Rajani [mailto:kams19 at gmail.com<mailto:kams19 at gmail.com>]
Sent: Tuesday, September 24, 2013 5:44 PM
To: Hughes, Doug
Cc: Ryan Milton; rancid-discuss at googlegroups.com<mailto:rancid-discuss at googlegroups.com>; guillaume.dupuis at novidys.com<mailto:guillaume.dupuis at novidys.com>; rancid-discuss at shrubbery.net<mailto:rancid-discuss at shrubbery.net>

Subject: Re: [rancid] Palo Alto Networks

Hi All,

Thanks for your inputs.. much appreciated.

I think i had downloaded these files from some other website, not sure if you have modified it, Doug..

In my setup, I am able to login into the device using panlogin.. however the device config are not backed up. Everything works smooth for Cisco devices.
I have updated the routers.db and other files for PAN devices, but no luck yet.

Unfortunately, I am unable to reach my remote site server at the moment, else would have pasted the log file.

Regards,
Kishore


On 24 September 2013 22:01, Hughes, Doug <Douglas.Hughes at deshawresearch.com<mailto:Douglas.Hughes at deshawresearch.com>> wrote:
Sure they can. I do it for 3 of them right now.

Attached. Set your 'switch type' to paloalto. Works with names or IP addresses.

From: Ryan Milton [mailto:rmilton at mvsusa.com<mailto:rmilton at mvsusa.com>]
Sent: Tuesday, September 24, 2013 4:58 PM
To: Hughes, Doug; Kishore Rajani; rancid-discuss at googlegroups.com<mailto:rancid-discuss at googlegroups.com>
Cc: guillaume.dupuis at novidys.com<mailto:guillaume.dupuis at novidys.com>; rancid-discuss at shrubbery.net<mailto:rancid-discuss at shrubbery.net>
Subject: RE: [rancid] Palo Alto Networks

I would certainly be interested in adding PAN devices to Rancid. I thought that they couldn't be read. That is what I've found with my HP switches-but that is another matter. Any ideas on getting PAN devices read by Rancid would be useful.

Regards,
Ryan Milton

From: rancid-discuss-bounces at shrubbery.net<mailto:rancid-discuss-bounces at shrubbery.net> [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Hughes, Doug
Sent: Tuesday, September 24, 2013 12:26 PM
To: Kishore Rajani; rancid-discuss at googlegroups.com<mailto:rancid-discuss at googlegroups.com>
Cc: guillaume.dupuis at novidys.com<mailto:guillaume.dupuis at novidys.com>; rancid-discuss at shrubbery.net<mailto:rancid-discuss at shrubbery.net>
Subject: Re: [rancid] Palo Alto Networks

Yes, I have working panlogin and panrancid and have contributed them upstream. Have you not been able to get them to work?


From: rancid-discuss-bounces at shrubbery.net<mailto:rancid-discuss-bounces at shrubbery.net> [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Kishore Rajani
Sent: Monday, September 23, 2013 9:52 AM
To: rancid-discuss at googlegroups.com<mailto:rancid-discuss at googlegroups.com>
Cc: guillaume.dupuis at novidys.com<mailto:guillaume.dupuis at novidys.com>; rancid-discuss at shrubbery.net<mailto:rancid-discuss at shrubbery.net>
Subject: Re: [rancid] Palo Alto Networks

HI,

did you manage to get the RANCID running with PAN?

Regards,
Kishore

On Thursday, 29 March 2012 13:53:33 UTC+1, Guillaume Dupuis wrote:
Nate Beck <Nate.Beck <at> jivesoftware.com<http://jivesoftware.com>> writes:

>
>
> Has anyone on the list worked with Palo Alto Network firewalls and Rancid?  I
was wondering if anyone has created a *login for them.
> Thanks-------------------
> Nathan BeckSr. IT Engineer
> Jive Software
> 503.972.9024

Hi Nate,

Did you find a *login script for PAN?

Thanks,

Guillaume Dupuis

_______________________________________________
Rancid-discuss mailing list
Rancid-... at shrubbery.net<mailto:Rancid-... at shrubbery.net>
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20131002/225ceaf0/attachment.html>


More information about the Rancid-discuss mailing list