How to replace one Faulty Paloalto 3250 version 8.1.6 Firewall which is in HA.

Reply
L2 Linker

How to replace one Faulty Paloalto 3250 version 8.1.6 Firewall which is in HA.

Hi All,

 

 I need help on how to replace one Faulty Paloalto 3250 firewall PAN OS version 8.1.6 which is in HA and policies are managed through Panorama.

 

your help is highly appreciated and thank you so much.

 

 

thnx

JP

 

Highlighted
L3 Networker

Re: How to replace one Faulty Paloalto 3250 version 8.1.6 Firewall which is in HA.

Hello

I would do the following:

- remove the faulty box

- configure the new device to make it reachable by panorama (only connect management interface)

- complete config of node (if there is anything done local)

- make sure you have link monitoring configured

- assign the template and device group to the new device (serial number)

- download updates

- push config from panorama

- interconnect all HA cables

- the new box is expected to stay passive/failed since not all interfaces are connected (see link monitoring)

- ensure the sync between the nodes is working

- connect the remaining cables (if you have adjusted service routes using something different than default, connect the cable to the interface(s) used for service route, but keep at least one disconnected which is listed in link monitoring)

- suspending the new device might have the same result, but this does not survive a reboot

Highlighted
L2 Linker

Re: How to replace one Faulty Paloalto 3250 version 8.1.6 Firewall which is in HA.

Hello JP

This document should help answer your question.

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClHFCA0

 

If you have any further questions after following this document , please open a support ticket.

 

Kavi

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!