After removal firewall from Panorama it cannot register anymore to other Panorama instances

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

After removal firewall from Panorama it cannot register anymore to other Panorama instances

L0 Member

I had a small POC with SD-WAN on PA-410 units and Panorama in management mode.

Once it was done, configuration was deleted, and it acted just as a regular firewall, so I have decided later to remove it at all from Panorama. Just as a regular step removed IP, disabled policy and objects and device and network templates.

Now as I need to test something else I have installed fresh Panorama instance (only difference that it is now in Panorama mode).

Unfortunately FW is not able anymore to connect to Panorama.

Both PA and Panorama OS are 10.1.5-h1 (it was same lastly no change).

 

What I did so far tried to reinstall Panorama, modify its IP, use same IP as previous instance.

License is active on Panorama, certificates are also ok on both FW and Panorama.

FW can reach Panorama.

For isolating issue there is a top rule on FW that allows ANY > Panorama (no zone) and same in reverse.

 

Also from logs it states that (on both ends):

 

lcs agent on serialxxx-log-collection connected
 
Connectivity on port 3978 works, I can see established sessions.
 
On Panorama it keeps to be not connected, from FW:

> show panorama-status

Connected : no

 

Any ideas what I am missing?

2 REPLIES 2

L0 Member

Today again I followed that procedure, after Panorama reinstallation and it worked.

Recover Managed Device Connectivity to Panorama 

 

When you followed that procedure, how did it go? Did you run into any hiccups or service interruption? Thanks.

  • 979 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!