Panorama Discussions

Cisco ACI-Plugin for Panorma: IP Subnet of BridgeDomain not being synced

Dear Guys

we have a Cisco ACI in place that polcy redirects all traffic to our Palo DC firewall.

For creating policies we rely on the Cisco ACI Plugin to sync endpoint information (IPs, Subnets, etc.) from ACI.

The issue: The "bridge domain" elemen

Errors after deploying template from Panorama

Hi all,

I am seeing the below errors after deploying templates to Palo's when attempting to commit HA configuration.

I have applied the HA IP so unsure why that is stating ip-address to be configured?

Also what is best way to resolve these dynamic

Panorama fails to upgrade itself with error: Label sysroot1 does not indicate a valid image

Hi all,

      last time I tryed to upgrade my Panorama, I had this error: "Label sysroot1 does not indicate a valid image".

The panorama is working, also I'm able to upload images and content to managed firewall, only I cant upgrade itself.

Is not re

Need help with setup of new Palo Alto device

Need Palo Alto Tech support help on the phone - how to get to them?

Problem with viewing and downloading 30-day logs on Panorama server

In this case, Panorama is not displaying the logs report correctly. So, I suggested the following :

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClK8CAK

Then, I shared my action plan:

1. you could access the Panorama

Upgrading 10.1.11-h5 to 11.1.2 directly ?

We have acquired 14XX series firewall for one of our locations, currently running Panorama version is10.1.11-h5 (VM-mode -Microsoft Azure, VM-100, system mode-panorama).
This firewall 14xx is only compatible with 11. prior adding 14xx firewall, we mus

Panorama Removal

Hi All,

Our client is planning to remove panorama and manage their firewalls directly from PAFW GUI.

What would happen to policies push from panorama once removed? will it be retained on the FW?

What would happen for policies pushed for FW when

Panorama REST API policy creation error with ' 'message': 'Invalid Body',

{'code': 3, 'message': 'Invalid Body', 'details': [{'@type': 'CauseInfo', 'causes': [{'code': 9, 'module': 'pan_api', 'description': 'Invalid Body'}]}]}

 I m able to create policy with POST method  in panoram , however API doc for rela

Panorama Syslog SSL error while writing stream

Hi 

we encounter issue show as below:

Syslog  SSL error while writing stream; tls_error=\'SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure\'. location=\'/opt/pancfg/mgmt/syslogng/pan_sysng.cfg:68:3\

found in syslog-ng.log as below:

Device Certificate for managed device

Hi guys,

I am green to Palo Alto and handling the issue according to the Additional PAN-OS certificate, and I completed all the task mentioned in that article. After the first time installation, Panorama can access the internet but the managed devi

Managed Logcollector

Dear All, 

I have Panorama M-300 with Maximum HDD capacity of RAID 16TB [4X4 TB]. And We do not have a dedicated log collector.

Since it's a new installation when I check the RAID status Disk A and Disk B pair not in use. Also in the Managed Collecto

Firewall and Panorama mangement certificate expire

Hi, 

We recently upgraded the firewall models 3220 and 820 last week and are managing them through Panorama. However, we received an alert message yesterday and also getting the alert message if i logging the panorama. Should we ignore this alert?

Prisma Access 3.2 Known Issue CYR-28288

One of our customers was affected  by the Prisma Access 3.2 Known Issue CYR-28288

CYR-28288 --> When performing commits or upgrades, a Prisma Access deployment requires internet connectivity; without internet connectivity, certificate validation wi