You'll be able to load the old configuration and just validate the configuration to check for any errors; on a PA-500 to PA-820 migration I wouldn't expect to see anything major. The biggest thing that you have to look out for is interfaces since the PA-820 only has 4 copper ports and 8 SFP. You'll want to make sure that you take that into account for your migration planning.
Thanks for your quick response.
Just wanted to say would there wont be any impact while importing backup from PAN OS 8.1. to PAN OS 9.0..as we know lots of stuff has changed in PAN OS 9.0.
Also if a PA came with factory default with PAN OS 9.0..can we downgrade it to PAN OS 8.1 smoothly?
I will be upgrading a High Availability pair of PA-500s to PA-820s in the next few weeks and have started doing my homework on the cutover.
I have learned that the new firewalls will need to be on the same OS build as the old ones & all security updates should match as well. After opening a ticket with PA Support they replied . You should be able to export the device state from the existing firewall and upload it into the new one fairly seamlessly. That was about all that I could get out of them.
I've had experience in downgrade of 9.x to 8.1 and it would works for you on empty new firewall (or after factory reset) or in case you have config from same HW for the downgraded PanOS.
so in your case my actions would be
1) get PA-820 at same PanOS level (downgrade) on empty FW
2) save and export of PA-820 empty config
2) get copy of running config from PA-500and try to import to new FW. If fails, then edit the config accordingly on WebUI or if you will met the major issues, get offline and edit config for the parts it failing (normally it is interface mismatch),then import updated config and commit.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!