This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Panorama Discussions
Post discussions about Panorama, a centralized network security management solution for all your Palo Alto Networks firewalls irrespective of their form factors or locations, in this forum.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Panorama Discussions
Post discussions about Panorama, a centralized network security management solution for all your Palo Alto Networks firewalls irrespective of their form factors or locations, in this forum.
About Panorama Discussions
Post discussions about Panorama, a centralized network security management solution for all your Palo Alto Networks firewalls irrespective of their form factors or locations, in this forum.

Discussions

Start a conversation

Welcome to the Panorama Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4919 Views
  • 0 replies
  • 0 Likes

Software status in GUI show blank, null and unknown on Passive panorama

HI , we just recently upgrade our panorama VM active and passive to 11.1.4-h1 version and upgrade successfully However, we found it weird that on secondary panorama , software status showing blank, null and unknown on the installed version as show in picture Has anyone have any explanation or KB why it showing like that on passive panorama...

Panorama Certificate Import Api Does not work when targeting a Vsys

See attached document. When using the API in Panorama and trying to target a vsys, it always imports to the shared location. The documentation says it supports this. Here: https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-panorama-api/pan-os-xml-api-request-types/import-files-api/import-files curl -X POST 'https://firewall/api?type=i...

Syslog Sending From panorama

HI I have a question.If panorama sends syslog to the syslog server, is it only the panorama syslog that is sent or all the logs of the local palo devices managed by panorama? Thanks & Regards. Panorama

API/CLI - how to access subset of devices by tag assigned to them?

Hi there, I'm going to use device's tags to have another dimension beside of template/device groups. I've assigned a tag to subset of devices (using Panorama>Managed devices WebUI), but I'm really lost how I can get access/filter devices by this tag in CLI/API (except WebUI - search/filter them on or when selecting scope to push). When I'm u...

DDmchk by L1 Bithead
  • 3398 Views
  • 2 replies
  • 0 Likes

Removal of Targets from Policy

I have a number of firewalls managed in Panorama that are to be decommissioned. Some of these firewalls are in Device Groups with several thousand policy entries. Annoyingly they have been assigned the firewalls in the target column. Does anyone have a documented method as to how to remove targets from a Device Group in Panorama quickly and...

Cloud NGFW I Cloud NGFW Integration with Panorama

We have deployed a cloud NGFW in azure using azure portal rule stack. The device is in production. Now the requirement is to integrate this with panorama. When we go to the device in Azure portal under security policy the options are greyed out. Is there no option to integrate the cloud NGFW which are already in production? Do we need to rede...

Abhinaw by L0 Member
  • 1014 Views
  • 1 replies
  • 0 Likes

Resolved! Panorama issue after upgrading to 10.2.8-h3. Vsys not showing in interfaces and Vsys pages.

Hi i'm experiencing a cosmetic issue after upgrading panorama to 10.2.8-H3. In Interface page infos related to vsys are not showing up correctly. Also i cannot see vsys anymore in their own configuration page.All info are correct if i browse the firewall but as we manage all from panorama this bug is preventing us from modify certain settings. ...

what is elastic+ management plane cpu process?

Can anyone explain why elastic+ is showing in show system resources command? 17162 elastic+ 20 0 3923.0g 38.0g 3.3g S 5.9 15.1 168339:53 java 18242 elastic+ 20 0 3921.6g 38.0g 3.3g S 5.9 15.1 163177:55 java top - 19:19:39 up 104 days, 1:59, 1 user, load average: 3.61, 4.93, 5.40 Tasks: 662 total, 1 running, 370 sleeping,...

URGENT VPN failover help needed

Hello Everyone, We have an existing policy-based site-to-site VPN between our Palo Alto and client's Meraki. The current VPN is to their Primary WAN IP address(Primary ISP). Now they have a secondary ISP. Both the primary and secondary ISPs are configured on the client's Meraki. I have to configure VPN failover on Palo Alto. Please help me out...

msdphi by L2 Linker
  • 1092 Views
  • 1 replies
  • 0 Likes

admin role panorama unable to push

Hi guys, i need help for a stupid things but I cannot solve it. My scenario: Panorama in 11.0.4-h1 with 40 firewall connected, one for every branch of my company. What I want: the colleagues of the branch of Miami can made changes only template and device group of Miami. I created on panorama access domain with the relative devicegroup (Miami)...

Volkiria by L0 Member
  • 719 Views
  • 0 replies
  • 0 Likes

Service Port overwrites Application default provided port (?)

Hello, I would like to get a better understanding about the relationship Service vs Application when setting up FW rules: Example: "mysql" is provided with service TCP port 3306. If a rule is created using service TCP Port 58740 and in same rule under application "mysql" is added, would it cause the PA to associate application "mysql" with port...

Martin2K by L1 Bithead
  • 1085 Views
  • 2 replies
  • 0 Likes

CSR with more than 4 SANs

Hello, We are operating a GlobalProtect environment that uses a generic Server SSL cert with a shared common name and the certificate lists multiple subject alternate FQDN names. We are about to expand the GP Gateway numbers and need to add the SANs into a new CSR. But we see that Palo Alto only supports a limit of four (4) SANs "hostname" ...

Panorama - SDWAN Autogenerated Config Nightmare

I have spent the better part of two days deploying what should be a simple, standard SDWAN solution following the provided documentation. No matter how many times I try, every time I get to the point where I create the VPN Cluster, I get commit failures on the firewalls indicating that the tunnel.90x interfaces have no virtual router configured ...

dpayne_0-1623379725914.png
dpayne by L1 Bithead
  • 7560 Views
  • 6 replies
  • 1 Likes
  • 854 Posts
  • 47 Subscriptions
Top Liked Authors
View All
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks