How to Delete a Panorama-pushed Configuration from a Single Virtual System of a Managed Firewall

How to Delete a Panorama-pushed Configuration from a Single Virtual System of a Managed Firewall

53217
Created On 09/26/18 13:49 PM - Last Modified 08/05/19 19:48 PM


Resolution


Overview

This document provides instructions to delete a Panorama-pushed configuration from a single virtual system (vsys) that resides on a managed Palo Alto Networks firewall.

Steps

Follow these instructions to delete the old/existing configuration on the target vsys:

  1. Remove the target vsys from the existing device group.
  2. Create a new dummy device group.
  3. Add the target vsys into this newly created device group.
  4. Commit the blank device group configuration on the target vsys.

Note: To remove all the Panorama-pushed configurations on the managed firewall, which includes configuration for other vsys, go to Device > Setup > Management on the managed firewall. Then, under Panorama Settings, select Disable Panorama Policy and Objects and Disable Device and Network Template .

All Panorama-pushed configurations can be removed from the CLI of the managed firewall.

The following CLI commands disable policy, objects, and template values pushed from Panorama:

> set system setting shared-policy disable

> set system setting template disable

owner: kadak
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClqxCAC&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language