I'm showing Panorama says that all of my firewalls are in sync in the Panorama>Managed Devices>Summary screen. However, if I change the Context to a firewall that has been out of sync in the past, I see that there is an Override cog next to the company Network>Virtual Router>CoName. I saved a named configuration snapshot on the local firewall and on Panorama just in case.
I would like to hit the green Revert cog on the bottom to get the FW truly in sync. However, when I click on Revert cog, will it give me the chance to see what is different between the Palo and Panorama before I hit go? If not, where can I see what is different between Panorama Virtual Router config and the local FW? Thanks!
I saved a snapshot and exported from Panorama and the local firewall. Then I open them up in notepad++ viewer and found the configuration that is mismatched.
TAC also posted this:
If you hit revert, you will be able to see the configuration pushed by Panorama, but you will lose the local configuration (until it is committed).
Before the commit, you can compare the configuration change but it will only show the local changes.
The best way is : to take screenshot before reverting and compare with the configuration after revert.
Config Audit is an awesome tool. It would be great if Config Audit could pull in snapshots and compare them.
If you want to undo the revert : Device> Setup> Operation> Revert to the running configuration Then commit.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!