The bootstrap package must include the basic configuration
contained in the init-cfg.txt file in the /config folder; the complete
configuration (contained in bootstrap.xml file in the /config folder)
is optional. When you include both files in the bootstrap package,
the firewall merges the configurations of those files and, if any
configuration settings overlap between the two files, the firewall
uses the setting defined in the init-cfg.txt file.
Basic Configuration—The init-cfg.txt file is a text file
that contains basic initial configuration information. You can name
this file generically as init-cfg.txt, or you can prepend the UUID
or Serial number of each firewall to the filename to be more specific
(for example: 0008C100105-init-cfg.txt). This file must include
basic information for configuring the management interface on the
firewall, such as the IP address type (static or DHCP), IP address
(IPv4 only or both IPv4 and IPv6), netmask, and default gateway.
The DNS server IP address, Panorama IP address and device group
and template stack parameters are optional. When the firewall boots,
it searches for a text file that matches its UUID or serial number
and, if none is found, it searches using the generic filename. For
a sample file, see Create
the init-cfg.txt File.
If you are using Panorama
to manage your bootstrapped VM-Series firewalls:
The Panorama appliance that manages the firewalls must be
in Panorama mode. If you use a Panorama appliance in Management-Only
mode, firewall logs will be dropped because Panorama in Management-Only
mode does not have a Log Collector Group that can store firewall
Complete Configuration—The bootstrap.xml file allows you
to fully configure the firewall. The bootstrap.xml file is optional.
If you are not using Panorama to centrally manage your firewalls,
the bootstrap.xml file provides a way to automate the process of
deploying firewalls that are configured at launch. You can either
define this manually or export the running configuration from an
existing firewall and save the file as
you include the bootstrap.xml file, make sure to export the XML
file from a firewall of the same platform or hypervisor. If you
provide the init-cfg.txt file and the bootstrap.xml file, the firewall
merges the files into a running configuration as part of the bootstrap
process and, if any settings overlap, the firewall will use the
setting from the basic configuration file. See Create
the bootstrap.xml File.