This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Panorama Discussions
Post discussions about Panorama, a centralized network security management solution for all your Palo Alto Networks firewalls irrespective of their form factors or locations, in this forum.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Panorama Discussions
Post discussions about Panorama, a centralized network security management solution for all your Palo Alto Networks firewalls irrespective of their form factors or locations, in this forum.
About Panorama Discussions
Post discussions about Panorama, a centralized network security management solution for all your Palo Alto Networks firewalls irrespective of their form factors or locations, in this forum.

Discussions

Start a conversation

Welcome to the Panorama Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4842 Views
  • 0 replies
  • 0 Likes

Connection between pxGrid and Panorama failed

Hi,I am currently trying to integrate Cisco pxGrid into PAN Panorama. I am using the Trustsec Plugin 2.0.0 & PAN-OS 11.1.2-h3. I have successfully created an account in the ISE and verified it. But when I create the pxGrid Server in Panorama I see the error message: “subscription [errno 16] device or resource busy”. Does anyone have experien...

madlenma_1-1721656029601.png
madlenma by L0 Member
  • 1398 Views
  • 0 replies
  • 0 Likes

Cannot create auth keys

Trying to generate an auth key to setup some dedicated log collectors. Tried in the GUI and CLI. In both instances I get the error, "Failed to add authkey. Failed to update DB." Runing 11.0.2-h2. Any suggestions?

Panorama Logs - Storage and LPS rate

Der All, I have couple of queries regarding Log storage and Lps. I have M300 Panorama appliance with Active/Passive. I have installed the Panorama HDD with full capacity which is 16TB HDD. I am managing 400+ firewall from this Panorama. For Initial period I will forward the fw logs to Panorama later will forward fw logs to SIEM solution. So ...

Ramakrishnan_2-1720506560807.png

Panorama Firewall logs

Dear All, I currently manage two M-300 Panorama devices in Active/Standby mode, each with a full disk capacity of 4x4 TB (16 TB each). My firewall logs are forwarded to the Active Panorama. Estimated log lps we need at least 93 TB of storage to store 14-15 days of logs, as we do not have that capacity at current Panorama deployment. Due to this...

Log collectors use a certificate due to expire

Dear community, When upgrading our log collectors to 10.2.9-h1 , we noticed that collectors are using a certificate that will expire soon. We need to know how to renew the certificate, and what happens if the certificate is not renewed or if it auto renews by itself? Thank you!

TammamA by L1 Bithead
  • 845 Views
  • 0 replies
  • 0 Likes

Allow google translate URL

My PAN-OS Version is 10.2.7-h8 and use PA-820 I try to allow google translate,and block other URL(include google search、google drive...) When I follow the link as below,but not successfully. https://docs.paloaltonetworks.com/advanced-url-filtering/administration/configuring-url-filtering/url-category-exceptions/guidelines-for-url-category-exce...

TRANSLATE.png
yasheng by L1 Bithead
  • 2056 Views
  • 1 replies
  • 0 Likes

Resolved! Using API to update Permitted IP Addresses list

We use the Permitted IP Addresses list (Panorama>Setup>Interfaces) to restrict access to Panorama to our public IPs. The problem we run into is that some of our devices use cellular as backup (new public IP every two days) or worse--Starlink (who change your public IP several times per day). Since this list only uses IP, not DNS, I can't...

JDBailey by L1 Bithead
  • 4871 Views
  • 4 replies
  • 0 Likes

Panorama messages.

hi. Any idea why panorama suddenly started sending this messages a lot opaque: gRPC connection to iot.services-edge.paloaltonetworks.com:443 is broken, error: fail to parseTlsCert, err fail to load client cert[/root/client.pem], err open /root/client.pem: no such file or directory time: 2020-08-10 10:53:30 and how to fix this ? Thanks !!

policy based Ikev2 site to site VPN between Cisco router and Palo Alto

we have a policy-based site-to-site VPN between cisco router and palo alto. But the tunnel goes down and doesn't come up after the IPsec lifetime is expired. And tunnel only comes up after sending traffic from cisco to palo alto and not the other way. When The devices under the Cisco LAN subnet(192.168.2.0/24) try to communicate with the server ...

msdphi by L2 Linker
  • 1850 Views
  • 1 replies
  • 0 Likes

VMware ESXi Panorama ha1 down

Hello - I have a VMware ESXi Panorama (10.1.10-h1) active/passive pair and the ha1 port goes down several times a day every day. This produces the following in system logs "Staying in Active state after split-brain recovery (split-brain duration: xx's". I've rebooted, ensured that the root was less than 90% and increased the Heartbeat Interva...

Built-in External Dynamic Lists - Not showing so they can be added to shared Policy

I am currently attempting to make all of my firewals look the same from a policy perspective as possible and I would like to know if there is a way to add the Built-in External Dynamic Lists To the shared policy. I understand that each firewall is updating the list based on the dynamic updates received but, I would thing that these items should...

Panorama Object in Firewall Vsys

Hi all, We have a firewall with 3 vsys and object in shared. the object for address is around 25.000. we was integrate the firewall into the panorama, and the object was imported to each vsys. i found that after the import each vsys have 25.000 address object. when we push to the firewall, on the object location it show from panorama. that i...

Resolved! Add to Panorama a new firewall to form an HA with a current standalone already managed by Panorama

One of our customers has a standalone PA-820 that is currently managed by Panorama. They now want to add another PA-820 and form an HA Active/Passive peer with the one mentioned above. Checking PA documentation, I can only see references about how to integrate both HA peers or a standalone firewall but do not mention anything specific about ho...

  • 845 Posts
  • 47 Subscriptions
Top Solution Authors
View All
Top Liked Posts
View All
Top Liked Authors
View All
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks