[rancid] Palo Alto (Panorama) configuration

john heasley heas at shrubbery.net
Thu Jul 11 15:15:12 UTC 2019 

Thu, Jul 11, 2019 at 02:19:00PM +0000, Gauthier, Chris:
> I have run into the issues seen below, as we migrated to a fully-managed Panorama ecosystem in recent months.  The output of the “show configuration running” (or whatever it is) is more limited on the managed device because (I believe) what is being shown is only the locally-managed configuration.  I haven’t looked yet to see if there is a workaround.
> 
> --Chris

I have no experience with these.  If more commands are necessary, lmk.

> Chris Gauthier Senior Network Engineer | Comscore
> t +1 (503) 331-2704 |
> cgauthier at comscore.com
> comscore.com
> ​​​This e-mail (including any attachments) may contain information that is private, confidential, or protected by attorney-client or other privilege. If you received this e-mail in error, please delete it from your system and notify sender.
> From: Rancid-discuss <rancid-discuss-bounces at shrubbery.net> on behalf of annie lee <lsy.annie at gmail.com>
> Date: Wednesday, July 10, 2019 at 6:02 PM
> To: john heasley <heas at shrubbery.net>
> Cc: "rancid-discuss at shrubbery.net" <rancid-discuss at shrubbery.net>
> Subject: Re: [rancid] Palo Alto (Panorama) configuration
> 
> i tried to grab the configs from the panorama and it's what i wanted :-)
> apology, im pretty new to the paloalto and panorama device/setup.
> 
> thanks and glad i can backup the palo/panorama configs without any tweaking.
> 
> On Thu, Jul 11, 2019 at 9:23 AM annie lee <lsy.annie at gmail.com<mailto:lsy.annie at gmail.com>> wrote:
> Hi John,
> 
> Thanks for your reply and apology for the typo on the paloalto type.  (1.1.1.1;paloalto;up)
> Below are the sample config for one of the firewall configs (removed all the ip addresses).
> Basically there are heaps more configs (routing, policy, NAT, virtual router and etc...) i can see from the Panorama.
> Not sure its similar to F5 tweak that we need to add the partition to grab the full configs.
> 
> Rgds
> 
> On Thu, Jul 11, 2019 at 7:42 AM john heasley <heas at shrubbery.net<mailto:heas at shrubbery.net>> wrote:
> Wed, Jul 10, 2019 at 11:53:42AM +1000, annie lee:
> > Hi All,
> >
> > Another question, just added a new PaloAlto to rancid (3.9) but not much
> > configurations being backup (not even interfaces addresses)
> > Anything need to be changed/added to backup the entire configuration ?
> >
> > 1.1.1.1;palo-alto;up
> 
> Please use the built-in type for PAN: paloalto.  if that is still lacking,
> please be more specific about what commands are missing.  it collects
> 
> show system info;show chassis inventory;show config running

More information about the Rancid-discuss mailing list