: Determine IPSec Termination Nodes Method #2 (Panorama API Method)
Focus
Focus

Determine IPSec Termination Nodes Method #2 (Panorama API Method)

Table of Contents

Determine IPSec Termination Nodes Method #2 (Panorama API Method)

312 PIC
The second method to obtain the IPSec Termination Nodes within a Prisma Access for Networks is via the Panorama API. Within the API, the abbreviation of SPN will be seen, which is the reference for the IPSec Termination Node(s).
Using Panorama, navigate to the following subtree in the API within Panorama, clicking on each item listed in bullets (notice the variation for single tenant vs multi-tenant).
Single Tenant Environment
https://panorama/api
  • config
  • devices
  • localhost.localdomain (or appropriate name)
  • plugins
  • cloud_services
  • remote-networks
  • agg-bandwidth
Multi-Tenant Environment
https://panorama/api
  • Configuration Commands
  • devices
  • localhost.localdomain (or appropriate name)
  • plugins
  • cloud_services
  • multi-tenant
  • tenants
  • default-tenant
  • remote-networks
  • agg-bandwidth
The output of the API is similar to the following:
<response status="success" code="19"><result total-count="1" count="1"><agg-bandwidth><enabled>yes</enabled><region><entry name="europe-central"><allocated-bw>100</allocated-bw><spn-name-list><member>europe-central-aspen</member></spn-name-list></entry><entry name="us-east"><allocated-bw>600</allocated-bw><spn-name-list><member>us-east-charlock</member><member>us-east-banyan</member></spn-name-list></entry><entry name="canada-central"><allocated-bw>100</allocated-bw><spn-name-list>
A sample from the web UI would also look similar to the above. Note that the us-east appears first in the list, followed by the node names underneath.
The IPSec Termination Node names are indented below the entry named spn-name-list. Note the order seen here is the same order as the Panorama UI shown in the previous section.