This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

TAC Recommended PAN-OS Release 9.0

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

TAC Recommended PAN-OS Release 9.0

shehan
L1 Bithead

‎10-31-2019 08:19 PM

Hi Guys,

 

We are running 8.1.6 on our PA Gateway and Panorama and would like to upgrade it to 9.x.x. I went through the Release Guidance and it says the preferred released version is 9.0.4

 

https://live.paloaltonetworks.com/t5/Customer-Resources/Support-PAN-OS-Software-Release-Guidance/ta-...

 

1. Is the version 9.0.4 is the generally recommended one?

2. According to the TAC best practice is to upgrade the panorama to a higher version than the gateway therefore what should be the gateway version and the panaroma version accordingly?

 

TIA

 

 

 

1 person had this problem.
0 Likes Likes
5 REPLIES 5

VincentPresogna
L3 Networker

‎11-01-2019 09:11 AM

I have my PA-820 running 9.0.4 since it was release. Haven't had any issues, and it even resolved an issue I was having with LDAP group mappings.

____________________

Just another I.T. Guy

0 Likes Likes

BruceBennett
L3 Networker

‎11-01-2019 10:52 AM

Hi Shehan,

 

The link you provided actually answers your first question, 9.0.4 is the preferred OS for firewalls and Panorama.

As for having Panorama one version higher, my understanding is that Panorama must be at the same level or higher to manage the firewalls. The key being "at the same level". I know I try to keep Panorama up to the preferred version listed, but I cannot do the same with my firewalls, as it is a challenge to plan the changes that often.

The important thing is that you are safe running the same OS version on Panorama as you are on the firewalls.

 


Bruce.

Learn at least one new thing every day.
0 Likes Likes

OtakarKlier
Cyber Elite
Cyber Elite
In response to BruceBennett

‎11-01-2019 03:08 PM

Hello,

Check the release notes and make sure you're not affected by any of the known issues. I have 9.0.4 running on many different models and all is well.

 

Regards,

Remo
L7 Applicator

‎11-03-2019 11:18 AM

Hi @shehan 

 

  1. 9.0.4 is the preferred release from the 9.0 major version. As far as I know not the generally recommended one*
  2. Gw and panorama can be on the same version but gw shouldn't be higher. (This at least is required when you open a TAC case. In practice it normally also works when gw is on a higher version than panorama - as long as they are on the same major version)

*This is only my personal recommendation and nothing official, but because of too many problems in the past I will always wait until x.x.8 or even x.x.9 version until I upgrade to a new majorversion.

Brandon_Wertz
L6 Presenter
In response to Remo

‎11-04-2019 11:45 AM

@Remo wrote:

*This is only my personal recommendation and nothing official, but because of too many problems in the past I will always wait until x.x.8 or even x.x.9 version until I upgrade to a new majorversion.

Agreed.  I deployed a 5220 running 8.0.5...Thought it was a stable code, ended up crashing both the A/P box because a netflow bug.  The bug wasn't fixed until 8.0.8.

 

So for a major enterprise I'd wait until at least .7+ of a patch level on a new major release.

  • 33956 Views
  • 5 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks