Try SpotterManage IKE Gateway objects.
| "added in version" 0.1.3 of cdot65.prisma_access"
Authors: Calvin Remsburg (@cdot65)
Install with ansible-galaxy collection install cdot65.prisma_access:==0.1.8
collections:
- name: cdot65.prisma_access
version: 0.1.8Manage IKE Gateway objects within Prisma Access.
- name: Create IKE Gateway AnsibleIKE-1
cdot65.prisma_access.ike_gateway:
provider:
client_id: "{{ client_id }}"
client_secret: "{{ client_secret }}"
scope: "{{ scope }}"
name: "AnsibleIKE-1"
folder: "Service Connections"
peer_id:
id: "1.1.1.3"
type: "ipaddr"
authentication:
pre_shared_key: "paloalto1!"
peer_address:
ip: "1.1.1.2"
protocol:
ikev1:
ike_crypto_profile: "PaloAlto-Networks-IKE-Crypto"
dpd:
enable: True
ikev2:
ike_crypto_profile: "PaloAlto-Networks-IKE-Crypto"
dpd:
enable: True
version: "ikev2-preferred"
state: "present"
- name: Create IKE Gateway AnsibleIKE-2
cdot65.prisma_access.ike_gateway:
provider:
client_id: "{{ client_id }}"
client_secret: "{{ client_secret }}"
scope: "{{ scope }}"
name: "AnsibleIKE-2"
folder: "Service Connections"
peer_id:
id: "vpn.redtail.com"
type: "fqdn"
authentication:
pre_shared_key: "paloalto1!"
peer_address:
dynamic: True
protocol_common:
nat_traversal:
enable: True
fragmentation:
enable: False
protocol:
ikev1:
ike_crypto_profile: "PaloAlto-Networks-IKE-Crypto"
dpd:
enable: True
ikev2:
ike_crypto_profile: "PaloAlto-Networks-IKE-Crypto"
dpd:
enable: True
version: "ikev2-preferred"
state: "present"
- name: Create IKE Gateway AnsibleIKE-3
cdot65.prisma_access.ike_gateway:
provider:
client_id: "{{ client_id }}"
client_secret: "{{ client_secret }}"
scope: "{{ scope }}"
name: "AnsibleIKE-3"
folder: "Service Connections"
peer_id:
id: "calvin@vpn.redtail.com"
type: "ufqdn"
authentication:
pre_shared_key: "paloalto1!"
peer_address:
dynamic: True
protocol:
ikev1:
ike_crypto_profile: "PaloAlto-Networks-IKE-Crypto"
dpd:
enable: True
ikev2:
ike_crypto_profile: "PaloAlto-Networks-IKE-Crypto"
dpd:
enable: True
version: "ikev2-preferred"
state: "present"
- name: Create IKE Gateway AnsibleIKE-4
cdot65.prisma_access.ike_gateway:
provider:
client_id: "{{ client_id }}"
client_secret: "{{ client_secret }}"
scope: "{{ scope }}"
name: "AnsibleIKE-4"
folder: "Service Connections"
peer_id:
id: "deadbeef"
type: "keyid"
authentication:
pre_shared_key: "paloalto1!"
peer_address:
dynamic: True
protocol:
ikev1:
ike_crypto_profile: "PaloAlto-Networks-IKE-Crypto"
dpd:
enable: True
ikev2:
ike_crypto_profile: "PaloAlto-Networks-IKE-Crypto"
dpd:
enable: True
version: "ikev2-preferred"
state: "present"
state:
choices:
- absent
- present
description:
- declare whether you want the resource to exist or be deleted
required: true
type: str
folder:
choices:
- Shared
- Mobile Users
- Remote Networks
- Service Connections
- Mobile Users Container
- Mobile Users Explicit Proxy
description:
- declare where the object should reside.
required: true
type: str
static:
description:
- declare whether the address group object is static
required: false
type: list
local_id:
description:
- Value of the address group object's name
required: false
type: dict
authentication:
description:
- Description of the address object.
required: false
type: str