#build proxy id from palo alto firewall to juniper srx via existing ipsec tunnel
#modules
import datetime
import ipaddress
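def validate_subnets(routes, label):
    """Reject any entry in *routes* that is not a well-formed network in CIDR form.

    ``ipaddress.ip_network`` is strict by default, so an entry with host bits
    set (a host address typed in place of the subnet) raises instead of ending
    up in a proxy-id line that is later pasted into the firewall.

    Args:
        routes: iterable of subnet strings such as ``'10.2.1.0/24'``.
        label: name of the list, used only in the error message.

    Raises:
        ValueError: if an entry cannot be parsed as a network.
    """
    for route in routes:
        try:
            ipaddress.ip_network(route)
        except ValueError as err:
            raise ValueError(f"{label}: invalid subnet {route!r}: {err}") from err


# mark start timestamp
begin_time = datetime.datetime.now()
# running index used to name the proxy-ids (ts000, ts001, ...)
ts_counter = 0
# Name of the existing IPsec tunnel on the Palo Alto side. The value below is a
# placeholder; replace it before the generated lines are applied to a device.
pa_vpn = '<pa_vpn_name>'
# traffic-selector ip subnets to be built: local (Palo Alto) side
firewall_routes_pa = [
    '10.2.1.0/24',
    '10.2.2.0/24',
    '10.2.3.0/24',
    '10.2.4.0/24',
    '10.2.5.0/24',
    '10.2.6.0/24'
]
# traffic-selector ip subnets to be built: remote (SRX) side
firewall_routes_srx = [
    '10.0.1.0/24',
    '10.0.2.0/24',
    '10.0.3.0/24',
    '10.0.4.0/24',
    '10.0.5.0/24',
    '10.0.6.0/24'
]

# Validate both lists before anything is printed, so a typo aborts the run
# instead of leaving a partially generated configuration on stdout.
validate_subnets(firewall_routes_pa, 'firewall_routes_pa')
validate_subnets(firewall_routes_srx, 'firewall_routes_srx')

# One proxy-id per (local, remote) pair: the output is the full cross product,
# so its size is len(firewall_routes_pa) * len(firewall_routes_srx).
# NOTE(review): the SRX peer presumably needs matching traffic selectors with
# local/remote reversed - confirm against the peer configuration.
# NOTE(review): every proxy-id is emitted with "protocol any"; restricting what
# may actually cross the tunnel is left to the firewall's security policy.
for route_pa in firewall_routes_pa:
    for route_srx in firewall_routes_srx:
        config_output = f"""
set network tunnel ipsec {pa_vpn} auto-key proxy-id ts{ts_counter:03} protocol any
set network tunnel ipsec {pa_vpn} auto-key proxy-id ts{ts_counter:03} local {route_pa}
set network tunnel ipsec {pa_vpn} auto-key proxy-id ts{ts_counter:03} remote {route_srx}"""
        print(config_output)
        ts_counter += 1

# timestamping: read the clock once so the "Generated" time and the runtime
# reported on the same line are derived from the same instant
end_time = datetime.datetime.now()
print(f"***** Generated: {end_time} || Runtime: {end_time - begin_time} ***** ")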