This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

add vsys in firewall , Panorama will show new vsys

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

add vsys in firewall , Panorama will show new vsys

Martin_Chung
L1 Bithead

‎08-19-2020 10:45 PM

A pair of firewall managed by Panorama.

I only use the device group in Panorama.

 

If I add a new vsys ( i.e. vsys2 )  in firewall , Panorama will show the new vsys ? 

 

 

0 Likes Likes
3 REPLIES 3

SutareMayur
Cyber Elite
Cyber Elite

‎08-20-2020 05:50 AM

@Martin_Chung,

 

First, only thing that you should look is, Is your gateway supports multi vsys ? Multi vsys are supported on 3200 series and on wards models. You need license to enable multi vsys on 3200 series models.

 

And Yes if you add new vsys on the Panorama and push configuration on the gateway, new vsys will be visible on the Panorama under desired template where you have created the vsys as well as on the gateways. Once vsys is created, you can take required interface under new vsys and also have separate DG. Now you didn't mention anything about templates. How are you managing the templates?

 

M
0 Likes Likes

Martin_Chung
L1 Bithead
In response to SutareMayur

‎08-20-2020 08:18 PM

Thanks for your reply.

 

i do not use the template from panorama to create the vsys. is it possible ?

 

my template only have some sylog server setting  and authentication setting.

For network part( like interface , routing ,.. ) , i will configure on the firewall ( not panorama ) .

For panorama, i use the device group to deploy the security policy ,NAT, object,...)

 

when i add new vsys on firewall ( not panorama ), how Panorama work for this newly created vsys ?

0 Likes Likes

TomYoung
Cyber Elite
Cyber Elite

‎05-22-2023 03:34 PM - edited ‎05-26-2023 09:11 AM

Hi @Martin_Chung ,

 

You cannot create a new vsys from Panorama.  It needs to be created on the NGFW.  Edit:  I got this from an old document!  You can create a vsys on Panorama!  https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000PLsWCAW

 

Template settings have a vsys option.

 

The vsys should show up as a separate device for device groups.  I am not sure if it will populate automatically in the list when you create it.  That allows you to push a separate set of rules to the new vsys.

 

Please create the new vsys locally and let me know if you can see it in the list of devices under Panorama > Device Groups.

 

Thanks,

 

Tom

Help the community: Like helpful comments and mark solutions.
0 Likes Likes
  • 2943 Views
  • 3 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks