03-09-2012 08:45 AM
I must be missing a step because I am able to add a FW that has no policies or virtual systems to Panorama, but when I try to add a FW that is already configured with rules and multiple virtual systems, Panorama just says "shared policy status" "Out of Sync" and will not say it is connected. Is there a trick to get Panorama to allow me to add an already configured FW?
I found this statement in a KnowledgePoint link: "Local (i.e. device-level) policies and rule objects are managed by accessing each respective device’s context within Panorama. This doesn’t require an import…its just there." So I would think I should be able to do this.
03-09-2012 09:34 AM
You must add the Panorama IP to the device under Device > Setup and add the devices SN to Panorama in Panorama > Managed Devices. A commit must be performed on both the device and Panorama.
03-12-2012 10:51 AM
Thanks for the reply. Yes, those are the steps I followed but the Panorama will not accept my FW. I can telnet from the FW to Panorama via port 3978, but I cannot get it to show "connected" on Panorama. I thought it was related to the fact that the FW was already configured, but it is not since I can add other FW's that I put some configs on. I also thought maybe it was a version issue. Panorama is 4.1.0 and the FW's are 4.0.1, but one connects, the other does not. I guess I need to open a case with PA.
03-12-2012 11:02 AM
This sounds like a bug.
Please open a case with support.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
