11-01-2021 12:35 PM
Hi @smelias ,
I can't find anything. It looks like it is not supported -> https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-new-features/panorama-features/next-generation-f.... However, the PA-400 Series support ZTP natively.
Thanks,
Tom
11-03-2021 02:27 PM
Hello,
Please take a look and see if these articles will help answer your questions:
Regards,
11-03-2021 03:20 PM
Thanks however it doesn't mention converting a traditional 820 into a 820-ZTP model.
Can't we reimage a 820 into an 820-ZTP?
11-03-2021 04:17 PM
Hi @smelias ,
Not through any public documentation that I can find. That is why I said that I don't think it is supported.
Thanks,
Tom
11-05-2021 08:33 AM
Hi Team.
ZTP firewalls have a slightly different physical architecture than other devices. For example, you can't deploy an 820 ZTP and 820 in an HA pair, even if they have the same licenses. Without digging into proprietary info, you won't be able to reimage a non ZTP 820 into one. That will be a separate appliance.
11-09-2021 06:49 AM
Sorry, I deleted my last comment, as I thought you were trying to turn a ZTP firewall into a non-ZTP firewall. As I understand it, there is a separate physical chip (or chips) on the ZTP firewalls that is not present on non-ZTP models. ZTP models also have a claim code listed on them, which is needed to activate them w/ the ZTP service. The ZTP service at Palo Alto is expecting to match the serial/cliam key w/ a hash in a database when it connects. There isn't a way to make a non-ZTP device use ZTP.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
