[rancid] Palo Alto Networks
Hughes, Doug
Douglas.Hughes at DEShawResearch.com
Sat Sep 28 17:52:55 UTC 2013
1) Become the rancid user
2) make sure that panrancid and panlogin are in your path
3) "panrancid <device>"
After you run it, if it works, you should see a file <device>.new in the current directory.
If it fails, paste the results of this: "panrancid -d <device>"
From: Ryan Milton [mailto:rmilton at mvsusa.com]
Sent: Saturday, September 28, 2013 1:49 PM
To: Hughes, Doug; Kishore Rajani
Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net
Subject: RE: [rancid] Palo Alto Networks
You ask a few questions. Most of my scripts seem to work, like jrancid, nrancid. Hrancid (for hp?) doesn't seem to work as I get "failed to login" errors.
Does it work if you run panrancid directly on the command line from the bin directory?
-->not sure I know how to do this.
Ryan Milton
MVS Network Manager
O: 201-447-1505 x124
C: 862-249-5230
________________________________
From: Hughes, Doug <Douglas.Hughes at DEShawResearch.com<mailto:Douglas.Hughes at DEShawResearch.com>>
Sent: Friday, September 27, 2013 3:57:58 PM
To: Ryan Milton; Kishore Rajani
Cc: guillaume.dupuis at novidys.com<mailto:guillaume.dupuis at novidys.com>; rancid-discuss at shrubbery.net<mailto:rancid-discuss at shrubbery.net>
Subject: RE: [rancid] Palo Alto Networks
I have perl 5.8.8. I'm not sure why that would make a significant difference, though.
There are many used of defined in the perl code.. So why would it pick that one? (semi-rhetorical)
It appears to be complaining about the first use of defined. Do other rancid files work ok? ProcessHistory is just lifted from another one, originally.. Does the crancid or hprancid work ok?
Do you have access to an older Perl for testing?
Does it work if you run panrancid directly on the command line from the bin directory?
From: Ryan Milton [mailto:rmilton at mvsusa.com]
Sent: Friday, September 27, 2013 1:23 PM
To: Hughes, Doug; Kishore Rajani
Cc: guillaume.dupuis at novidys.com<mailto:guillaume.dupuis at novidys.com>; rancid-discuss at shrubbery.net<mailto:rancid-discuss at shrubbery.net>
Subject: RE: [rancid] Palo Alto Networks
So, the Perl version is perl 5, version 14, subversion 2 (v5.14.2) built for x86_64-linux-gnu-thread-multi
And
rancid at ObserviumNYC:~$ sum /usr/lib/rancid/bin/panrancid
14180 9
Regards,
Ryan Milton
MVS Network Manager
o: 201-447-1505 x124
c: 862-249-5230
www.mvsusa.com<http://www.mvsusa.com/>
[MVS final logo GOOD very small]
From: Hughes, Doug [mailto:Douglas.Hughes at DEShawResearch.com]
Sent: Friday, September 27, 2013 11:15 AM
To: Ryan Milton; Kishore Rajani
Cc: guillaume.dupuis at novidys.com<mailto:guillaume.dupuis at novidys.com>; rancid-discuss at shrubbery.net<mailto:rancid-discuss at shrubbery.net>
Subject: RE: [rancid] Palo Alto Networks
What version of Perl are you using? That looks like a Perl error. Also, I don't have a define(%hash) at line 53 in the one I sent you.
What does 'sum /usr/lib/rancid/bin/panrancid' say?
It should say
14180 9
From: Ryan Milton [mailto:rmilton at mvsusa.com]
Sent: Friday, September 27, 2013 11:08 AM
To: Hughes, Doug; Kishore Rajani
Cc: guillaume.dupuis at novidys.com<mailto:guillaume.dupuis at novidys.com>; rancid-discuss at shrubbery.net<mailto:rancid-discuss at shrubbery.net>
Subject: RE: [rancid] Palo Alto Networks
Hi Doug,
So I am testing your scripts. I got one error:
Trying to get all of the configs.
defined(%hash) is deprecated at /usr/lib/rancid/bin/panrancid line 53.
(Maybe you should just omit the defined()?)
Paloaltofw1: missed cmd(s): show config running, set.....
Is there a fix for this? I figure the code is just out of date?
Regards,
Ryan Milton
MVS Network Manager
o: 201-447-1505 x124
c: 862-249-5230
www.mvsusa.com<http://www.mvsusa.com/>
[MVS final logo GOOD very small]
From: Hughes, Doug [mailto:Douglas.Hughes at DEShawResearch.com]
Sent: Tuesday, September 24, 2013 5:02 PM
To: Ryan Milton; Kishore Rajani; rancid-discuss at googlegroups.com<mailto:rancid-discuss at googlegroups.com>
Cc: guillaume.dupuis at novidys.com<mailto:guillaume.dupuis at novidys.com>; rancid-discuss at shrubbery.net<mailto:rancid-discuss at shrubbery.net>
Subject: RE: [rancid] Palo Alto Networks
Sure they can. I do it for 3 of them right now.
Attached. Set your 'switch type' to paloalto. Works with names or IP addresses.
From: Ryan Milton [mailto:rmilton at mvsusa.com]
Sent: Tuesday, September 24, 2013 4:58 PM
To: Hughes, Doug; Kishore Rajani; rancid-discuss at googlegroups.com<mailto:rancid-discuss at googlegroups.com>
Cc: guillaume.dupuis at novidys.com<mailto:guillaume.dupuis at novidys.com>; rancid-discuss at shrubbery.net<mailto:rancid-discuss at shrubbery.net>
Subject: RE: [rancid] Palo Alto Networks
I would certainly be interested in adding PAN devices to Rancid. I thought that they couldn't be read. That is what I've found with my HP switches-but that is another matter. Any ideas on getting PAN devices read by Rancid would be useful.
Regards,
Ryan Milton
From: rancid-discuss-bounces at shrubbery.net<mailto:rancid-discuss-bounces at shrubbery.net> [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Hughes, Doug
Sent: Tuesday, September 24, 2013 12:26 PM
To: Kishore Rajani; rancid-discuss at googlegroups.com<mailto:rancid-discuss at googlegroups.com>
Cc: guillaume.dupuis at novidys.com<mailto:guillaume.dupuis at novidys.com>; rancid-discuss at shrubbery.net<mailto:rancid-discuss at shrubbery.net>
Subject: Re: [rancid] Palo Alto Networks
Yes, I have working panlogin and panrancid and have contributed them upstream. Have you not been able to get them to work?
From: rancid-discuss-bounces at shrubbery.net<mailto:rancid-discuss-bounces at shrubbery.net> [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Kishore Rajani
Sent: Monday, September 23, 2013 9:52 AM
To: rancid-discuss at googlegroups.com<mailto:rancid-discuss at googlegroups.com>
Cc: guillaume.dupuis at novidys.com<mailto:guillaume.dupuis at novidys.com>; rancid-discuss at shrubbery.net<mailto:rancid-discuss at shrubbery.net>
Subject: Re: [rancid] Palo Alto Networks
HI,
did you manage to get the RANCID running with PAN?
Regards,
Kishore
On Thursday, 29 March 2012 13:53:33 UTC+1, Guillaume Dupuis wrote:
Nate Beck <Nate.Beck <at> jivesoftware.com<http://jivesoftware.com>> writes:
>
>
> Has anyone on the list worked with Palo Alto Network firewalls and Rancid? I
was wondering if anyone has created a *login for them.
> Thanks-------------------
> Nathan BeckSr. IT Engineer
> Jive Software
> 503.972.9024
Hi Nate,
Did you find a *login script for PAN?
Thanks,
Guillaume Dupuis
_______________________________________________
Rancid-discuss mailing list
Rancid-... at shrubbery.net
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20130928/9d4a7be9/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.jpg
Type: image/jpeg
Size: 2724 bytes
Desc: image001.jpg
URL: <http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20130928/9d4a7be9/attachment.jpg>
More information about the Rancid-discuss
mailing list