Related to Paloalto VM instance type change

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Related to Paloalto VM instance type change

L3 Networker

Dear Team,

 

I have a question while testing.

 

If I'm wrong, anyone please feel free to leave a comment.

 

1. Check if an issue occurs in the service traffic processing part when changing the instance type
> Since there is no change in the settings, traffic processing is normal, but the throughput changes depending on the instance.
> ex) m5.2xlarge(vCPU 8, 16G) : 6Gbps > m5.xlarge(vCPU 4, 9G) : 3Gbps

 

2. Confirmation of License Changes
> Paloalto licenses are identified by a unique CPU-ID and UUID.
> Since the CPU-ID changes when the instance type is changed, it is essential to deactivate the license before changing the instance type.
> If I apply the license again after changing the instance, it can be used normally.

 

3. Setting change part of Panorama that is linked with the firewall
> When re-applying the license, a new S/N is created, so there is no need to change the settings in the firewall. However, in Panorama, it is necessary to re-link with the changed S/N of the firewall.

If anyone has experienced any of the above symptoms or knows a solution, please share with me.

 

Thanks in advance,

Kyungjun,

2 REPLIES 2

Community Team Member

Hi @CHOE-KyungJun ,

 

Are you saying that you are having issues with licensing after recreating a VM? Are you seeing a valid license when you type in the command "show system info" on the new VM?  

LIVEcommunity team member
Stay Secure,
Jay
Don't forget to Like items if a post is helpful to you!

Please help out other users and “Accept as Solution” if a post helps solve your problem !

Read more about how and why to accept solutions.

@JayGolf 

Thank you for your reply

 

I didn't recreate the VM. I simply changed the instance type.

 

The link below confirms that the license needs to be deactivated before changing the Cloud instance type.

https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-upgrade/upgrade-the-vm-series-firewall/upgrade-...

  • In a private or public cloud deployment, if your firewall is licensed with the BYOL option, you must deactivate your VM before you change the instance type or VM type. Upgrading the model or instance changes the UUID and CPU ID, so you must apply the license when the.

However, in actual testing, CPU-ID does not change and S/N does not change either.

I would like to know why the symptoms are occurring.

AWS(M5.2xlarge > M5.xlarge) / Azure(DS3_v2 > D8s_v3)

  • 2594 Views
  • 2 replies
  • 2 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!