Integration between Aruba Controller and PaloAlto 7.1
Salam Alycom
you can make integration between Palo Alto And Aruba Controller to get User IP Map from Aruba to Plao Alto by using XML-API Tech .
what you need is only follow the steps in this link
Click to access SG_PaloAltoNetworks.pdf
its good document from aruba but really i face issue and the integration after upgrade Plao Alto from 7.0 to 7.1 , but after some analysis and open case with palo alto i note aruba refuse the PaloAlto certificate is unknown cert.
for that you need to make the following configuration after finish the documentation steps
1 in paloalto Firewall
A- Create certificate and i recommend the following link
after that download the certificate and save it folder
B- Create SSL/TLS Profile
device >certificate Management > SSL/TLS service Profile > add > “add any name and choose cerificate that you create it before and save and commit
C- after that go to device>setup>Management>general Settings > ssl/tls service profile”choose SSL profile that you created it before ” , and commit
2 Aruba Controller Side
Configuration > Certificates > upload
add any name
upload paloAlto Cert
Passphrase (optional) : “Leave it blank ”
Certificate Format : PEM
Certificate Type : trusted CA
after finish you can check it by the following command
in aruba
(Master) #show pan state
Palo Alto Networks Servers Connection State[PA-3060]
—————————————————-
Firewall State
——– —–
“PaloAlto ip”:443 UP[05/09/16 12:32:13]Established
in paloalto
show user ip-user-mapping all
in from section you must see some user “XMLAPI”
Ahmed Omar
Posted on 10/05/2016, in منوعات. Bookmark the permalink. Leave a comment.
Leave a comment
Comments 0