Good day Team Members,
I have a client that has an externally hosted SCP server and we need to configure the Panorama to do a Scheduled Config Export.
We can configure the SCP server in Panorama to do this , but the request is that this config bundled needs to be encrpyted before sending it over encrypted SCP transport publicly
I do know that the firewall do encrypt Administrator accounts locally via using the Master Key , is there a way to encrypt the Panorama Config Bundle before sending or this already done in the PANOS before exporting.
Tried looking online and cant seem to find any , any expert advice please
Regards
Kamlin
Update on the SCP export config from panorama.Although the 10.2.4 fixed the issue partially the config bundle was still not being exported.With a manual push command via cli send through the file successfully.TAC has confirmed this is still buggy and had to log into root and do some changes in the background and it has started working as expected.
chown nobody :nobody /var/log/pan/appweb3-panmodule.log
[root@PAN-01 ~]# chown nobody:nobody /var/log/pan/appweb3-panmodule.log