5.0.3 PAN Firewalls and 5.0.3 Panorama

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

5.0.3 PAN Firewalls and 5.0.3 Panorama

Not applicable

I have an open case already but I would like to post this out to the community. We recently purchased a new Panorama device and new 3050 firewalls and noticed during the configuration of the URL Filtering section that while the new firewalls have the new listed categories such as "cheating" and "illegal", the Panorama server does not have them listed. Therefore, I cannot manage these two categories from Panorama; in addition, because I created the profile at the Panorama, I cannot manage them at the firewall either. Has anyone run across this before? if so, what is the solution? Thank you in Advance.

1 accepted solution

Accepted Solutions

Panorama retrieves the URL or BrightCloud content with the Applications and Threats updates. Panorama only retrieves the URL categories, as it does not require the entire URL database. What Applications and Threats version is on Panorama? Are you on the latest version?


Ben

View solution in original post

6 REPLIES 6

L4 Transporter

It sounds like you are using 2 different URL databases. Most likely, the firewall is using Brightcloud and Panorama is using Surfcontrol, but one may be using paloaltonetworks (pandb). You can verify this by executing the command on both devices:

show system setting url-database

You will want to verify which URL DB you are licensed for from the Device tab > Licenses page, then set the correct db on both devices, if needed, with the following command:

set system setting url-database {brightclooud | pandb}

Ben

I checked as you suggested and all systems (Panorama and firewalls) are running brightcloud. The Panorama does not show a listing for URL licensing but each firewall is licensed to use brightcloud.

I also went ahead and force a "set" to use brightcloud at the panorama (where the problem is) but it came saying "Server error : URL database already set to 'brightcloud'"

Panorama retrieves the URL or BrightCloud content with the Applications and Threats updates. Panorama only retrieves the URL categories, as it does not require the entire URL database. What Applications and Threats version is on Panorama? Are you on the latest version?


Ben

ok. It was discovered that from the Panorama tab, the dynamic updates was not configured; therefore, I set the schedule and forced an initial download and install to get things going which finally allowed me to see the missing categories at the Panorama level. Issue is now resolved. Thank you for your input!

You're welcome. I'm glad to hear the issue was a fairly simple one that was easily resolved.

Ben

  • 1 accepted solution
  • 3706 Views
  • 6 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!