When I configured my new firewalls to register with my panorama, they didn't appear.
I checked the following points:
- Connectivity between my firewalls and my Panorama : OK => I do some packet captures on both side
- TCP bidirectional traffic on port 3978 : OK => I do some packet captures on both side
- Re-generate SSL certificates on my Panorama : OK => On my Panorama web gui, I see my certificate marked as valid.
- Copy-paste serial number from my firewall to my Panorama : OK
- Allow IP of my firewall on my Panorama's managment interface : OK => I configured it
- PAN-OS version on my both equipment : OK => we are in 6.1.8
- Reduce MTU size : OK => MTU = 1300 on my firewall because we pass into VPN tunnel to contact my Panorama.
- NTP synchronization : OK => Both equipments are on time.
I checked these topic:
If anyone has got this issue, I'll be happy to know the resolution.
Have a nice day.
can you ping panorama host from your new firewall CLI using firewall management interface IP as a source?
Not sure but you might need to adjust source routing (for Panorama) only to use management interface IP; i had simmilar issue that solved with source routing setting.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!