Thanks, Chris for your prompt response. I am putting complete procedure step by step so that every one can easily understand
#Configure PaloAlto Firewall on rancid server Rancid Version : 3.13-1 [apt -list | grep rancid] OS Version : Ubuntu 22.04.2 LTS [lsb_release -a] 1. Make changes in rancid main configuration /etc/rancid/rancid.conf add firewalls(whatever name you would like to keep) LIST_OF_GROUPS="routers switches waps firewalls"; export LIST_OF_GROUPS 2. To take effets the changes in configuration run below command but you have to be rancid user first su - rancid /usr/lib/rancid/bin/rancid-run 3. Make change in configuration file and add device vim /var/lib/rancid/firewalls/router.db add following line firewall1.your-domain.com;paloalto;up; 4. Make changes in vim /var/lib/rancid/firewalls/routers.up add below line firewall1.your-domain.com;paloalto 5. Make changes in vim /etc/rancid/rancid.types.base add lines below paloalto;login;plogin paloalto;module;panos paloalto;inloop;panos::inloop paloalto;command;panos::ShowInfo;show system info paloalto;command;panos::ShowInventory;show chassis inventory paloalto;command;panos::ShowConfig;show config merged 6. Make changes in vim /etc/rancid/rancid.types.conf # This is for PaloAlto Firewall paloalto;script;panrancid 7. Make changes in vim /etc/rancid/rancid.types.conf add lines as below # This is for PaloAlto Firewall paloalto;script;panrancid 8. Enable email configuration vim /etc/aliases add lines below rancid-firewalls: [email protected] rancid-firewalls-admin: [email protected] # Run below command to take into effect newaliases # You Must have panos, panrancid & plogin files present under /var/lib/rancid/bin On Thu, 6 Apr 2023 at 03:49, Chris <[email protected]> wrote: > Just wanted to add for the benefit of all, I like to edit my > etc/rancid.types.conf and add a new “type”. Here is what the additional > lines look like: > > > > paloaltofw;script;rancid -t paloaltofw > > paloaltofw;login;panlogin > > paloaltofw;module;panos > > paloaltofw;inloop;panos::inloop > > paloaltofw;command;panos::ShowInfo;show system info > > paloaltofw;command;panos::ShowInventory;show chassis inventory > > paloaltofw;command;rancid::RunCommand;set cli config-output-format set > > paloaltofw;command;rancid::RunCommand;configure > > paloaltofw;command;panos::ShowConfig;show > > > > This gives you a more human readable configuration. > > > > In your router.db you would need to add: > > > > Firewall1.yourdomain.com;paloaltofw;up > > > > Chris > > > > *From: *heasley <[email protected]> > *Sent: *Wednesday, April 5, 2023 4:03 PM > *To: *Chris Weakland <[email protected]> > *Cc: *Anwar Durrani <[email protected]>; > [email protected] > *Subject: *Re: [rancid] login script for PaloAlto PA850 > > > > Wed, Apr 05, 2023 at 07:21:17AM -0400, Chris Weakland: > > > Palo Alto support has bee. built into Rancid for some time, no need for > any > > additional scripts. The device type is: paloalto > > > > indeed; there is also device type paloaltoxml for the xml config. > > > > > Your router.db looks incorrect, it should be: > > > > > > Firewall1.yourdomain.com;paloalto;up > > > > to be pedantic, additional fields are simply ignored. > > > -- Thanks & regards, Anwar M. Durrani +91-9923205011 <http://in.linkedin.com/pub/anwar-durrani/20/b55/60b>
_______________________________________________ Rancid-discuss mailing list [email protected] https://www.shrubbery.net/mailman/listinfo/rancid-discuss
