Getting Panorama-Managed firewalls connected to Cortex Data Lake?

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Getting Panorama-Managed firewalls connected to Cortex Data Lake?

L4 Transporter

Greetings all,

 

As the title suggests, I'm attempting to get Panorama and our two PAN 5250 on to our new data lake.  I've got the Device Certs installed using the OTP from the Support Portal and I installed (but didn't configure beyond the re-verifying using the OTP from data lake) the latest Cloud Services plugin on Panorama.

 

I can see all of the Device Certificate status as green on the data lake inventory, and I can see updated last contact info from Panorama, but the PAN-OS version is NA on Panorama's inventory entry and there is a warning symbol about installing Cloud Services Plugin 2.2 or higher (I installed 3.0).  The firewalls managed by Panorama are both showing Disconnected with no Last Contact Time.

 

Any ideas what I might be missing here?  I feel like I've gone in circles all day in the documentation for this setup 😂

 

Thanks!

1 REPLY 1

L4 Transporter

Quick update on this... it's really unclear to me on what licensing is necessary on the firewalls themselves in regards to the data lake.  The instructions mostly just reference Panorama and that firewall licenses get added when you activate Cortex, however, on ours it appears Panorama has a data lake license but the firewalls do not.  The firewalls all have an expired license from a previous Cortex setup (long story but we didn't use it long term and we never set up the firewalls to actually use the data lake).  I've manually deleted the expired license but Panorama is putting it back whenever I refresh.

 

Is there somewhere in the data lake I missed to generate an auth code for the firewalls?  I got the impression that the firewalls would somehow get a correct license from this along with certs from Panorama but that doesn't seem to be the case or I'm just missing something.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!