Useful for keeping two load balanced VM's in sync in Azure. <code>:: This is a Windows Batch script that can be used to quickly sync the configuration of one Palo Alto Networks firewall with another. :: This is meant to be used between two virtual firewalls in Azure or AWS that are not a high availability pair but are part of a load balanced 'pair'. :: This works when the virtual machines do not have any statically assigned IP addresses within the VM.

::For this script to work, you will need an API key to each firewall. Generate the API key with the following commands. :: https://FIREWALL_1_IP/api/?type=keygen&user=XML_USERNAME_HERE&password=XML_PASSWORD_HERE :: https://FIREWALL_2_IP/api/?type=keygen&user=XML_USERNAME_HERE&password=XML_PASSWORD_HERE

@echo off

SET FW1_KEY=APIKEY_HERE SET FW2_KEY=APIKEY_HERE SET FW_KEY=%FW1_KEY%

SET FIREWALL_1_IP=10.1.1.1 SET FIREWALL_2_IP=10.1.1.1 SET FW_2_HOSTNAME=palo2 SET FIREWALL_IP=%FIREWALL_1_IP% SET FILENAME=FW_1.xml

:: Export FW 1 SET TYPE=export SET URL=https://%FIREWALL_IP%/api/?type=%TYPE%^&key^=%FW_KEY%^&category=^configuration SET CURL_COMMAND=curl