- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
09-03-2024 01:10 AM - edited 09-03-2024 01:11 AM
Hi,
What is a reliable way to replace the FW serial number in Panorama?
We had a problem uploading a new license because the FW serial number did not match. Palo Alto TAC solved the problem, but the serial numbers changed, which caused the FW to be disconnected from Panorama.
What should be done to swap the serial numbers so that all rules have new FW serial numbers (not old ones)?
Is it enough to just run the command in Panorama?
> replace device old <old SN#> new <new SN#>
09-04-2024 07:48 AM
Hi @MarcinKrasz ,
Assuming everything is the same on the managed NGFW, then yes. You will need to commit when done.
Thanks,
Tom
09-06-2024 02:03 AM
@TomYoung IIt didn't work at all, apparently the command passed, the new serial number was visible in the target in the policy rules, but after the first push the rules were removed from the firewall and could not be pushed to fw. When we disconnected fw and added it from scratch, we could not connect to Panorama, we had to restart the authentication codes from cli. Also, remove the serial number from the Panorama rules manually, because the commit failed (after successful commit, add it back to the rules). This recovery action from the link above does not work at all.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!