Palo Alto PA-VM#
Palo Alto PA-VM nodes launched with containerlab come up pre-provisioned with SSH, and HTTPS services enabled.
Managing Palo Alto PA-VM nodes#
Containers with Palo Alto PA-VM inside will take ~8min to fully boot.
You can monitor the progress with
docker logs -f <container-name>.
Palo Alto PA-VM node launched with containerlab can be managed via the following interfaces:
Default user credentials:
Palo Alto PA-VM container supports up to 24 interfaces (plus mgmt) and uses the following mapping rules:
eth0- management interface connected to the containerlab management network
eth1- first data interface, mapped to first data port of PAN VM
eth2+- second and subsequent data interface
When containerlab launches Palo Alto PA-VM node, it will assign IPv4/6 address to the
mgmt interface. These addresses can be used to reach management plane of the router.
eth1+ need to be configured with IP addressing manually using CLI/management protocols.
Interfaces will not show up in the cli (
show interfaces all) until some configuration is made to the interface!
Features and options#
Palo Alto PA-VM nodes come up with a basic configuration where only
admin user and management interface is provisioned.
User defined config#
It is possible to make Palo Alto PA-VM nodes to boot up with a user-defined config instead of a built-in one. With a
startup-config property a user sets the path to the config file that will be mounted to a container and used as a startup config: