Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Need FQDN Support for IKE Gateway Peer IP Address #250

Closed
mrichardson03 opened this issue Aug 6, 2020 · 2 comments · Fixed by #252
Closed

Need FQDN Support for IKE Gateway Peer IP Address #250

mrichardson03 opened this issue Aug 6, 2020 · 2 comments · Fixed by #252
Assignees
@btorresgil
Labels
enhancement

Comments

@mrichardson03
Copy link

Is your feature request related to a problem?

FQDN support for IKE gateways is missing in pan-os-python. This was supported starting in PAN-OS 8.1.

Describe the solution you'd like

peer_ip_type needs to also accept fqdn, and peer_ip_value needs to be adjusted as well.

Additional context

We need this to add support in the Ansible module: PaloAltoNetworks/pan-os-ansible#10
@btorresgil btorresgil self-assigned this Aug 7, 2020
@shinmog shinmog mentioned this issue Aug 14, 2020
Merged
4 tasks
@btorresgil
Copy link
Member

@mrichardson03 PR created for this. Check it out and let us know how it looks.

@mrichardson03
Copy link
Author

@mrichardson03 PR created for this. Check it out and let us know how it looks.

Works great, thanks!

shinmog added a commit that referenced this issue Aug 17, 2020
@shinmog
feat: Add FQDN support to IKE gateways
722594c 
Adds the FQDN peer IP type to IKE gateways for PAN-OS 8.1+.

Fixes #250 
PR #252
github-actions bot pushed a commit that referenced this issue Aug 17, 2020
@semantic-release-bot
chore(release): 1.0.0
ec27cb9 
## 1.0.0 (2020-08-17)

### Features

*  IP Classification and easier field usage.  Fields added:  user, src_class, dst_class, server_ip, server_location, client_ip, client_location.  Note that client_ip was already in use by the config logs and dashboard, so that client_ip field is renamed to admin_ip, and the client_type field is renamed to admin_type.  This is done to avoid naming conflicts. ([f2405cb](f2405cb))
*  New App highlighting.  When apps are added to the master Palo Alto Networks applipedia, Splunk will get the apps and index them.  Then, dashboard panels can be created to show when new apps are added, or if any traffic in the network is matching these new apps. ([550fca6](550fca6))
* Add `type` parameter to `CustomUrlCategory` ([f3c85d6](f3c85d6)), closes [#244](#244)
* Add FQDN support to IKE gateways ([722594c](722594c)), closes [#250](#250) [#252](#252)
* Add normalized objects for firewall and Panorama commits ([0983558](0983558)), closes [#220](#220)
* Add support for wildcard address objects ([e859ff6](e859ff6)), closes [#228](#228) [#226](#226)
* Support for Dynamic Address Groups and Dynamic Address Objects (IP address tagging). This feature is utilized similarly to 'panblock', but the command is 'pantag'. ([8753410](8753410))

### Bug Fixes

* config field 'host' overlapped with Splunk default field 'host'.  Changed to 'client_ip'.  Changed 'client' to 'client_type'. ([5bb9a9f](5bb9a9f))
* config field 'host' overlapped with Splunk default field 'host'.  Changed to 'client_ip'.  Changed 'client' to 'client_type'. ([d1f5e76](d1f5e76))
* Correct how target_version is determined ([4269200](4269200)), closes [#216](#216)
* Fix tag-allowed property of VirtualWire ([f02143e](f02143e)), closes [#232](#232) [#221](#221)
* if there are no registered addresses iterator will throw exception ([eabfbd9](eabfbd9))
* Perform release on master branch ([7da85ef](7da85ef))

### Reverts

* Revert "Added a Splunk 6 Data Model to represent the Palo Alto Networks log structure. Currently this model is NOT accelerated due to known Splunk issue (SPL-74415)" ([60b23f9](60b23f9))
* Revert "Possible Malware Traffic table search made much more efficient".  It is more efficient, on initial testing, but requires more testing of corner cases.  Reversing the commit until more testing can be done. ([90fae34](90fae34))
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@btorresgil btorresgil

Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

feat: Adding FQDN support to IKE gateways PaloAltoNetworks/pan-os-python
2 participants
@mrichardson03 @btorresgil