Scribd Logo
Upload

Welcome to Scribd!

  • Candidate Configuration and Running-Config

    Uploaded by

    Rahul
    44 views2 pages
    Palo Alto Networks firewalls maintain both a candidate configuration and a running configuration. The candidate configuration is created or updated when changes are made to policies, security settings, zones, or virtual routers in the firewall's web interface. The candidate configuration only takes effect when it is committed to the running configuration by clicking the commit button or using the commit CLI command. Committing applies the candidate configuration changes to the active running configuration of the firewall. It is important to always commit changes to make them live on the firewall.

    Original Description:

    Original Title

    candidate configuration and running-config

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    Palo Alto Networks firewalls maintain both a candidate configuration and a running configuration. The candidate configuration is created or updated when changes are made to policies, security settings, zones, or virtual routers in the firewall's web interface. The candidate configuration only takes effect when it is committed to the running configuration by clicking the commit button or using the commit CLI command. Committing applies the candidate configuration changes to the active running configuration of the firewall. It is important to always commit changes to make them live on the firewall.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    44 views2 pages

    Candidate Configuration and Running-Config

    Uploaded by

    Rahul
    Palo Alto Networks firewalls maintain both a candidate configuration and a running configuration. The candidate configuration is created or updated when changes are made to policies, security settings, zones, or virtual routers in the firewall's web interface. The candidate configuration only takes effect when it is committed to the running configuration by clicking the commit button or using the commit CLI command. Committing applies the candidate configuration changes to the active running configuration of the firewall. It is important to always commit changes to make them live on the firewall.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 2

    CANDIDATE CONFIGURATION AND RUNNING

    CONFIGURATION :-

    Palo Alto Networks Firewalls comes with


    following config types
     Candidate Configuration
     Running Configuration

    Whenever someone creates a new policy or changes the


    configuration settings of an existing Security Policy or any other
    parameters like zone, Virtual router etc. in the Palo Alto firewall
    and click OK as shown below, the Candidate Configuration is
    either created or updated and this type of configuration is known
    as Candidate Configuration.

    However when Commit tab at the top right corner of Web UI of


    the Palo Alto Firewall is clicked the Candidate Configuration is
    applied to the running configuration of the Palo Alto firewall. And
    the applied configuration is called running configuration.
    Also by using “commit” cli command in the configuration mode on
    can apply candidate configuration to the running configuration.

    admin@PA-500# commit

    Candidate Configuration never becomes active unless it’s saved


    to the Running Configuration so it’s always recommended to click
    commit whenever someone creates or modify the configuration in
    the Pal0 Alto Networks Firewall

    You might also like