This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Panorama Discussions
Post discussions about Panorama, a centralized network security management solution for all your Palo Alto Networks firewalls irrespective of their form factors or locations, in this forum.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Panorama Discussions
Post discussions about Panorama, a centralized network security management solution for all your Palo Alto Networks firewalls irrespective of their form factors or locations, in this forum.
About Panorama Discussions
Post discussions about Panorama, a centralized network security management solution for all your Palo Alto Networks firewalls irrespective of their form factors or locations, in this forum.

Discussions

Start a conversation

Welcome to the Panorama Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4842 Views
  • 0 replies
  • 0 Likes

URGENT VPN failover help needed

Hello Everyone, We have an existing policy-based site-to-site VPN between our Palo Alto and client's Meraki. The current VPN is to their Primary WAN IP address(Primary ISP). Now they have a secondary ISP. Both the primary and secondary ISPs are configured on the client's Meraki. I have to configure VPN failover on Palo Alto. Please help me out...

msdphi by L2 Linker
  • 975 Views
  • 1 replies
  • 0 Likes

admin role panorama unable to push

Hi guys, i need help for a stupid things but I cannot solve it. My scenario: Panorama in 11.0.4-h1 with 40 firewall connected, one for every branch of my company. What I want: the colleagues of the branch of Miami can made changes only template and device group of Miami. I created on panorama access domain with the relative devicegroup (Miami)...

Volkiria by L0 Member
  • 684 Views
  • 0 replies
  • 0 Likes

Service Port overwrites Application default provided port (?)

Hello, I would like to get a better understanding about the relationship Service vs Application when setting up FW rules: Example: "mysql" is provided with service TCP port 3306. If a rule is created using service TCP Port 58740 and in same rule under application "mysql" is added, would it cause the PA to associate application "mysql" with port...

Martin2K by L1 Bithead
  • 1004 Views
  • 2 replies
  • 0 Likes

CSR with more than 4 SANs

Hello, We are operating a GlobalProtect environment that uses a generic Server SSL cert with a shared common name and the certificate lists multiple subject alternate FQDN names. We are about to expand the GP Gateway numbers and need to add the SANs into a new CSR. But we see that Palo Alto only supports a limit of four (4) SANs "hostname" ...

Panorama - SDWAN Autogenerated Config Nightmare

I have spent the better part of two days deploying what should be a simple, standard SDWAN solution following the provided documentation. No matter how many times I try, every time I get to the point where I create the VPN Cluster, I get commit failures on the firewalls indicating that the tunnel.90x interfaces have no virtual router configured ...

dpayne_0-1623379725914.png
dpayne by L1 Bithead
  • 7236 Views
  • 6 replies
  • 1 Likes

Resolved! Panorama 11.x - Recommended AWS EC2 instance

Hi, Panorama version 11.0 and above has a recommended minimum memory size of 64Gb. AWS Marketplace shows the recommended EC2 as c4.4xlarge (Vendor Recommended), which only had 30GB of memory. Based on v11 requirements, the C4.4xlarge being the recommended instance type is probably not correct. I am curious to see what instance type othe...

Panorama Device Specific Templates Network Settings

In our Panorama exists a Standard Template. In the standard template I define ethernet1/5 with several sub interfaces. At one of our locations I need to add a sub interface for vlan 88. To tackle this, I have a device specific template that is in the template stack for this location. Within that device specific template, I added ethernet1/5....

AOneR by L1 Bithead
  • 10338 Views
  • 4 replies
  • 0 Likes

Resolved! Panorama upgrade to 10.2.11 - Incomplete log entries

After upgrading Panorama to 10.2.11, we noticed various logs are either missing text , have a unknown severity (system logs), and show an inaccurate bit count.I've tried restarting the logd process and rebooted the box.Seems like a bug but I couldn't find anything in the known issues with 10.2.11.Any help is appreciated.

Robert2 by L1 Bithead
  • 2012 Views
  • 2 replies
  • 0 Likes

Panorama support Azure site recovery service

Hi, I have deployed single Panorama in Primary region only to manage VM-series firewall deployed in Primary and secondary region. I have a requirement that Whenever my Primary region goes down Panorama moves from Primary region to secondary region and I could manage VM-series firewall in secondary region. Is Panorama supports Azure site rec...

Avinash by L0 Member
  • 2176 Views
  • 1 replies
  • 0 Likes

Downgrading from 11.1.2-h3 to 10.2.0.h3

I know downgrading is not recommended but for a configuration management requirement I may have to downgrade from 11.1.2-h3 to 10.2.0-h3. On a test bench unit I upgraded it up to 11.1.2-h3, and following the downgrade procedure I downgraded to 10.2 directly and then re-apply the maintenance patch for 10.2.0-h3. I When I am looking at the boot p...

Query RE: Access Domains

Hi Team, I have a requirement as a user wanted to give full access to a Device Group A and Just a read only access only for monitor to a Device Group B. Will this be possible in Panorama using Access Domain or any other method ? Panorama

Edsnow by L3 Networker
  • 1183 Views
  • 1 replies
  • 0 Likes

m500 to m700 migration

Has any attempted to migrate from an M500 Panorama to an M700? Palo support documents seem to indicate that there is a gap in support between the two hardware models. M500 final code release 10.1 and M700 initial code release 10.2. matrix link Palo Alto Networks Appliances

Panorama and managed devices secure comunication

Hello everyone, can someone help me figure out, how is secure communication built between managed firewalls and Panorama. The issue is that one of the firewalls lost connection, it was an ssl eror, I went by procedure recommended by panw to re-establish connection.But when consulting knowledgebase (https://knowledgebase.paloaltonetworks.com/KCSA...

Local Log collector Runtime Status showing "Disconnected"

Hi Mates, I want to know why Runtime status is disconnected. Error - Log collector XXXX failed to connect to XXXXX-inter-lc in the ring We are using Panorama as a "panorama" and "log-collectors" Setup is " Active/Passive. Issue : Managed Log collected Runtime status is showing disconnected and Configuration status is "in-sync" and Health Sta...

  • 845 Posts
  • 47 Subscriptions
Top Solution Authors
View All
Top Liked Posts
View All
Top Liked Authors
View All
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks