Panorama > Scheduled Config Export
Table of Contents
Expand all | Collapse all
-
- Firewall Overview
- Features and Benefits
- Last Login Time and Failed Login Attempts
- Message of the Day
- Task Manager
- Language
- Alarms
- Commit Changes
- Save Candidate Configurations
- Revert Changes
- Lock Configurations
- Global Find
- Threat Details
- AutoFocus Intelligence Summary
- Configuration Table Export
- Change Boot Mode
-
- Objects > Addresses
- Objects > Address Groups
- Objects > Regions
- Objects > Dynamic User Groups
- Objects > Application Groups
- Objects > Application Filters
- Objects > Services
- Objects > Service Groups
- Objects > Devices
- Objects > External Dynamic Lists
- Objects > Custom Objects > Spyware/Vulnerability
- Objects > Custom Objects > URL Category
- Objects > Security Profiles > Antivirus
- Objects > Security Profiles > Anti-Spyware Profile
- Objects > Security Profiles > Vulnerability Protection
- Objects > Security Profiles > File Blocking
- Objects > Security Profiles > WildFire Analysis
- Objects > Security Profiles > Data Filtering
- Objects > Security Profiles > DoS Protection
- Objects > Security Profiles > Mobile Network Protection
- Objects > Security Profiles > SCTP Protection
- Objects > Security Profile Groups
- Objects > Log Forwarding
- Objects > Authentication
- Objects > Packet Broker Profile
- Objects > Schedules
-
-
- Firewall Interfaces Overview
- Common Building Blocks for Firewall Interfaces
- Common Building Blocks for PA-7000 Series Firewall Interfaces
- Tap Interface
- HA Interface
- Virtual Wire Interface
- Virtual Wire Subinterface
- PA-7000 Series Layer 2 Interface
- PA-7000 Series Layer 2 Subinterface
- PA-7000 Series Layer 3 Interface
- Layer 3 Interface
- Layer 3 Subinterface
- Log Card Interface
- Log Card Subinterface
- Decrypt Mirror Interface
- Aggregate Ethernet (AE) Interface Group
- Aggregate Ethernet (AE) Interface
- Network > Interfaces > VLAN
- Network > Interfaces > Loopback
- Network > Interfaces > Tunnel
- Network > Interfaces > SD-WAN
- Network > VLANs
- Network > Virtual Wires
-
- Network > Network Profiles > GlobalProtect IPSec Crypto
- Network > Network Profiles > IPSec Crypto
- Network > Network Profiles > IKE Crypto
- Network > Network Profiles > Monitor
- Network > Network Profiles > Interface Mgmt
- Network > Network Profiles > QoS
- Network > Network Profiles > LLDP Profile
- Network > Network Profiles > SD-WAN Interface Profile
-
-
- Device > Setup
- Device > Setup > Management
- Device > Setup > Interfaces
- Device > Setup > Telemetry
- Device > Setup > Content-ID
- Device > Setup > WildFire
- Device Setup Ace
- Device > Setup > DLP
- Device > Log Forwarding Card
- Device > Config Audit
- Device > Administrators
- Device > Admin Roles
- Device > Access Domain
- Device > Authentication Sequence
- Device > Device Quarantine
-
- Security Policy Match
- QoS Policy Match
- Authentication Policy Match
- Decryption/SSL Policy Match
- NAT Policy Match
- Policy Based Forwarding Policy Match
- DoS Policy Match
- Routing
- Test Wildfire
- Threat Vault
- Ping
- Trace Route
- Log Collector Connectivity
- External Dynamic List
- Update Server
- Test Cloud Logging Service Status
- Test Cloud GP Service Status
- Device > Virtual Systems
- Device > Shared Gateways
- Device > Certificate Management
- Device > Certificate Management > Certificate Profile
- Device > Certificate Management > OCSP Responder
- Device > Certificate Management > SSL/TLS Service Profile
- Device > Certificate Management > SCEP
- Device > Certificate Management > SSL Decryption Exclusion
- Device > Certificate Management > SSH Service Profile
- Device > Response Pages
- Device > Server Profiles
- Device > Server Profiles > SNMP Trap
- Device > Server Profiles > Syslog
- Device > Server Profiles > Email
- Device > Server Profiles > HTTP
- Device > Server Profiles > NetFlow
- Device > Server Profiles > RADIUS
- Device > Server Profiles > TACACS+
- Device > Server Profiles > LDAP
- Device > Server Profiles > Kerberos
- Device > Server Profiles > SAML Identity Provider
- Device > Server Profiles > DNS
- Device > Server Profiles > Multi Factor Authentication
- Device > Local User Database > Users
- Device > Local User Database > User Groups
- Device > Scheduled Log Export
- Device > Software
- Device > Dynamic Updates
- Device > Licenses
- Device > Support
- Device > Policy Recommendation > IoT
- Device > Policy > Recommendation SaaS
-
- Network > GlobalProtect > MDM
- Network > GlobalProtect > Clientless Apps
- Network > GlobalProtect > Clientless App Groups
- Objects > GlobalProtect > HIP Profiles
-
- Use the Panorama Web Interface
- Context Switch
- Panorama Commit Operations
- Defining Policies on Panorama
- Log Storage Partitions for a Panorama Virtual Appliance in Legacy Mode
- Panorama > Setup > Interfaces
- Panorama > High Availability
- Panorama > Administrators
- Panorama > Admin Roles
- Panorama > Access Domains
- Panorama > Device Groups
- Panorama > Plugins
- Panorama > Log Ingestion Profile
- Panorama > Log Settings
- Panorama > Server Profiles > SCP
- Panorama > Scheduled Config Export
- Panorama > Device Registration Auth Key
Panorama > Scheduled Config Export
To schedule an export of all the running configurations on
Panorama and firewalls, Add an export task
and configure the settings as described in the following table.
If Panorama has a high availability (HA)
configuration, you must perform these instructions on each peer
to ensure the scheduled exports continue after a failover. Panorama
does not synchronize scheduled configuration exports between HA
peers.
Scheduled Configuration Export
Settings | Description |
|---|---|
Name | Enter a name to identify the configuration
export job (up to 31 characters). The name is case-sensitive and
must be unique. Use only letters, numbers, hyphens, and underscores. |
Description | Enter an optional description. |
Enable | Select to enable the export job. |
Scheduled export start time (daily) | Specify the time of day to start the export
(24 hour clock, format HH:MM). |
Protocol | Select the protocol to use to export logs
from Panorama to a remote host. Secure Copy (SCP)
is a secure protocol; FTP is not. |
Hostname | Enter the IP address or hostname of the
target SCP or FTP server. |
Port | Enter the port number on the target server. |
Path | Specify the path to the folder or directory
on the target server that will store the exported configuration. For
example, if the configuration bundle is stored in a folder called
exported_config within a top level folder called Panorama, the syntax
for each server type is:
The
following characters: .(period), +, { and }, /, -, _, 0-9, a-z,
and A-Z. Spaces are
not supported in the file Path. |
Enable FTP Passive Mode | Select to use FTP passive mode. |
Username | Specify the username required to access
the target system. |
Password / Confirm Password | Specify the password required to access
the target system. Use a password with maximum length of 15
characters. If the password exceeds 15 characters, the test SCP
connection will display an error because the firewall encrypts the
password when it tries to connect to the SCP server and the length
of the encrypted password can be up to 63 characters only. |
Test SCP server connection | Select to test communication between Panorama
and the SCP host/server. (PAN-OS 10.1.8 and earlier releases) To enable the secure transfer of data, you must
verify and accept the host key of the SCP server. The connection is
not established until the host key is accepted. If Panorama has an
HA configuration, you must perform this verification on each HA peer
so that each one accepts the host key of the SCP server.
(PAN-OS 10.1.9 and later releases) A pop-up window is
displayed requiring you to enter a clear text
Passwordand then to Confirm
Password in order to test the SCP server connection
and enable the secure transfer of data. If Panorama has an HA
configuration, perform this step on each HA peer so that each one
can successfully connect to the SCP server. If Panorama can
successfully connect to the SCP server. |