This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Replace a panorama managed device with a new device (different model)

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Replace a panorama managed device with a new device (different model)

cohesion
L0 Member

‎07-11-2014 04:32 AM

Hi All,

We need to replace old PA2020 (PAN-OS 5.0.10) that is managed via Panorama (PAN-OS 6.0) with new PA3020.

Referring to Panorama adminstrator guide 6.0, "How do I replace Panorama or a managed device in the event of a hadrware failure/RMA?"

Questions:

1) Can device state export from a PA2020 be import into PA3020 (new device)

2) Should we use Panorama CLI "replace device old <old SN#> new <new SN#>"

or

Manually add this new PA3020 SN# to Panorama. Then issue Panorama CLI "rename device-group <Groupname> device <OLD SN#> to <new SN#>

3) Any other steps that we need, beside those mentioned in Panorama admin guide?

1 person had this problem.
4 REPLIES 4

hshah
L6 Presenter

‎07-11-2014 05:44 AM

Hello J,

#1. Normally there should not be any issue with importing device state as long as you have same no of configured ports and same PAN-OS

#2. There is no replace command to replace serial no. Common practice is to consider it as a new device and start a new configuration. Delete the old device.

You dont have to worry about device group, Add serial no, and then add the device to same device group and template.

Or you can do following.

"Manually add this new PA3020 SN# to Panorama. Then issue Panorama CLI "rename device-group <Groupname> device <OLD SN#> to <new SN#>"

#3 Not sure.

Regards,

Hardik Shah

0 Likes Likes

hshah
L6 Presenter

‎07-11-2014 06:03 AM

#3 This is enough, if setup doesnt work than more troubleshooting is required.

0 Likes Likes

cohesion
L0 Member
In response to hshah

‎07-11-2014 06:26 AM

Noted.

Anyway Panorama does support CLI "replace" (below link), but it's not document in PAN-OS CLI reference guide....

Command Line Interface Reference Guide Release 5.1

0 Likes Likes

pulukas
L7 Applicator

‎07-11-2014 02:18 PM

You can use the steps in the Panorama admin guide.  This does assume the models are the same interface configuration.


“Replace a Managed Device with a New Device” on p.102 of the Panorama Admin Guide

https://live.paloaltonetworks.com/docs/DOC-5057

Steve Puluka BSEET - IP Architect - DQE Communications (Metro Ethernet/ISP)
ACE PanOS 6; ACE PanOS 7; ASE 3.0; PSE 7.0 Foundations & Associate in Platform; Cyber Security; Data Center
0 Likes Likes
  • 4959 Views
  • 4 replies
  • 1 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks