Panorama > Scheduled Config Export
Table of Contents
Expand all | Collapse all
-
- Objects > Addresses
- Objects > Address Groups
- Objects > Regions
- Objects > Dynamic User Groups
- Objects > Application Groups
- Objects > Application Filters
- Objects > Services
- Objects > Service Groups
- Objects > External Dynamic Lists
- Objects > Custom Objects > Spyware/Vulnerability
- Objects > Custom Objects > URL Category
- Objects > Security Profiles > Antivirus
- Objects > Security Profiles > Anti-Spyware Profile
- Objects > Security Profiles > Vulnerability Protection
- Objects > Security Profiles > File Blocking
- Objects > Security Profiles > WildFire Analysis
- Objects > Security Profiles > Data Filtering
- Objects > Security Profiles > DoS Protection
- Objects > Security Profiles > GTP Protection
- Objects > Security Profiles > SCTP Protection
- Objects > Security Profile Groups
- Objects > Log Forwarding
- Objects > Authentication
- Objects > Decryption > Forwarding Profile
- Objects > Schedules
-
-
- Firewall Interfaces Overview
- Common Building Blocks for Firewall Interfaces
- Common Building Blocks for PA-7000 Series Firewall Interfaces
- Tap Interface
- HA Interface
- Virtual Wire Interface
- Virtual Wire Subinterface
- PA-7000 Series Layer 2 Interface
- PA-7000 Series Layer 2 Subinterface
- PA-7000 Series Layer 3 Interface
- Layer 3 Interface
- Layer 3 Subinterface
- Log Card Interface
- Log Card Subinterface
- Decrypt Mirror Interface
- Aggregate Ethernet (AE) Interface Group
- Aggregate Ethernet (AE) Interface
- Network > Interfaces > VLAN
- Network > Interfaces > Loopback
- Network > Interfaces > Tunnel
- Network > Interfaces > SD-WAN
- Network > VLANs
- Network > Virtual Wires
-
- Network > Network Profiles > GlobalProtect IPSec Crypto
- Network > Network Profiles > IPSec Crypto
- Network > Network Profiles > IKE Crypto
- Network > Network Profiles > Monitor
- Network > Network Profiles > Interface Mgmt
- Network > Network Profiles > QoS
- Network > Network Profiles > LLDP Profile
- Network > Network Profiles > SD-WAN Interface Profile
-
-
- Device > Setup
- Device > Setup > Management
- Device > Setup > Interfaces
- Device > Setup > Telemetry
- Device > Setup > Content-ID
- Device > Setup > WildFire
- Device > Log Forwarding Card
- Device > Config Audit
- Device > Administrators
- Device > Admin Roles
- Device > Access Domain
- Device > Authentication Sequence
-
- Security Policy Match
- QoS Policy Match
- Authentication Policy Match
- Decryption/SSL Policy Match
- NAT Policy Match
- Policy Based Forwarding Policy Match
- DoS Policy Match
- Routing
- Test Wildfire
- Threat Vault
- Ping
- Trace Route
- Log Collector Connectivity
- External Dynamic List
- Update Server
- Test Cloud Logging Service Status
- Test Cloud GP Service Status
- Device > Virtual Systems
- Device > Shared Gateways
- Device > Certificate Management
- Device > Certificate Management > Certificate Profile
- Device > Certificate Management > OCSP Responder
- Device > Certificate Management > SSL/TLS Service Profile
- Device > Certificate Management > SCEP
- Device > Certificate Management > SSL Decryption Exclusion
- Device > Response Pages
- Device > Server Profiles
- Device > Server Profiles > SNMP Trap
- Device > Server Profiles > Syslog
- Device > Server Profiles > Email
- Device > Server Profiles > HTTP
- Device > Server Profiles > NetFlow
- Device > Server Profiles > RADIUS
- Device > Server Profiles > TACACS+
- Device > Server Profiles > LDAP
- Device > Server Profiles > Kerberos
- Device > Server Profiles > SAML Identity Provider
- Device > Server Profiles > DNS
- Device > Server Profiles > Multi Factor Authentication
- Device > Local User Database > Users
- Device > Local User Database > User Groups
- Device > Scheduled Log Export
- Device > Software
- Device > Dynamic Updates
- Device > Licenses
- Device > Support
-
- Network > GlobalProtect > MDM
- Network > GlobalProtect > Device Block List
- Network > GlobalProtect > Clientless Apps
- Network > GlobalProtect > Clientless App Groups
- Objects > GlobalProtect > HIP Profiles
-
- Use the Panorama Web Interface
- Context Switch
- Panorama Commit Operations
- Defining Policies on Panorama
- Log Storage Partitions for a Panorama Virtual Appliance in Legacy Mode
- Panorama > Setup > Interfaces
- Panorama > High Availability
- Panorama > Administrators
- Panorama > Admin Roles
- Panorama > Access Domains
- Panorama > Device Groups
- Panorama > Plugins
- Panorama > Log Ingestion Profile
- Panorama > Log Settings
- Panorama > Scheduled Config Export
End-of-Life (EoL)
Panorama > Scheduled Config Export
To schedule an export of all the running configurations on
Panorama and firewalls, Add an export task
and configure the settings as described in the following table.
If Panorama has a high availability (HA)
configuration, you must perform these instructions on each peer
to ensure the scheduled exports continue after a failover. Panorama
does not synchronize scheduled configuration exports between HA
peers.
Scheduled Configuration Export
Settings | Description |
---|---|
Name | Enter a name to identify the configuration
export job (up to 31 characters). The name is case-sensitive and
must be unique. Use only letters, numbers, hyphens, and underscores. |
Description | Enter an optional description. |
Enable | Select to enable the export job. |
Scheduled export start time (daily) | Specify the time of day to start the export
(24 hour clock, format HH:MM). |
Protocol | Select the protocol to use to export logs
from Panorama to a remote host. Secure Copy (SCP)
is a secure protocol; FTP is not. |
Hostname | Enter the IP address or hostname of the
target SCP or FTP server. |
Port | Enter the port number on the target server. |
Path | Specify the path to the folder or directory
on the target server that will store the exported configuration. For
example, if the configuration bundle is stored in a folder called
exported_config within a top level folder called Panorama, the syntax
for each server type is:
The
following characters: .(period), +, { and }, /, -, _, 0-9, a-z,
and A-Z. Spaces are
not supported in the file Path. |
Enable FTP Passive Mode | Select to use FTP passive mode. |
Username | Specify the username required to access
the target system. |
Password / Confirm Password | Specify the password required to access
the target system. Use a password with maximum length of 15
characters. If the password exceeds 15 characters, the test SCP
connection will display an error because the firewall encrypts the
password when it tries to connect to the SCP server and the length
of the encrypted password can be up to 63 characters only. |
Test SCP server connection | Select to test communication between Panorama
and the SCP host/server. To enable the secure transfer of
data, you must verify and accept the host key of the SCP server.
The connection is not established until the host key is accepted.
If Panorama has an HA configuration, you must perform this verification
on each HA peer so that each one accepts the host key of the SCP
server.
(PAN-OS 9.1.16 and later releases) A pop-up window is
displayed requiring you to enter a clear text
Passwordand then to Confirm
Password in order to test the SCP server connection
and enable the secure transfer of data. If Panorama has an HA
configuration, perform this step on each HA peer so that each one
can successfully connect to the SCP server. If Panorama can
successfully connect to the SCP server. |