Bootstrap Configuration Files

The bootstrap package must include the basic configuration in
config/init-cfg.txt
. The complete configuration (in
/config/bootstrap.xml
file) is optional.
When you include
init-cfg.txt
file and the
bootstrap.xml
file in the bootstrap package, the firewall merges the configurations of those files, and if any settings overlap, the firewall uses the values defined in the
init-cfg.txt
file.

init-cfg.txt

Contains basic information for configuring the management interface on the firewall, such as the IP address type (static or DHCP), IP address (IPv4 only or both IPv4 and IPv6), netmask, and default gateway. The DNS server IP address, Panorama IP address and device group and template stack parameters are optional.
You can use the generic name
init-cfg.txt
, or to be more specific, you can prepend the UUID or Serial number of each firewall to the filename (for example:
0008C100105-init-cfg.txt
).
When the firewall boots, it searches for a text file that matches its UUID or serial number and, if none is found, it searches using the generic filename
init-cfg.txt
. For a sample file, see Create the init-cfg.txt File.
If you are using Panorama to manage your bootstrapped VM-Series firewalls:
  • You must generate a VM auth key on Panorama and include the key in the
    init-cfg.txt
    file. For more information, see Generate the VM Auth Key on Panorama.
  • The Panorama appliance that manages the firewalls must be in Panorama mode. If you use a Panorama appliance in Management-Only mode, firewall logs are dropped because Panorama in Management-Only mode does not have a Log Collector Group that can store firewall logs.

bootstrap.xml

The optional
bootstrap.xml
file contains a complete configuration for the firewall. If you are not using Panorama to centrally manage your firewalls, the
bootstrap.xml
file provides a way to automate the process of deploying firewalls that are configured at launch.
You can define the configuration manually or export the running configuration (
running-config.xml
) from an existing firewall and save the file as
bootstrap.xml
. If you export
bootstrap.xml
file, make sure to export the XML file from a firewall deployed on the same platform or hypervisor as your deployment. See Create the bootstrap.xml File.

Recommended For You