This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Panorama Discussions
Post discussions about Panorama, a centralized network security management solution for all your Palo Alto Networks firewalls irrespective of their form factors or locations, in this forum.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Panorama Discussions
Post discussions about Panorama, a centralized network security management solution for all your Palo Alto Networks firewalls irrespective of their form factors or locations, in this forum.
About Panorama Discussions
Post discussions about Panorama, a centralized network security management solution for all your Palo Alto Networks firewalls irrespective of their form factors or locations, in this forum.

Discussions

Start a conversation

Welcome to the Panorama Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4911 Views
  • 0 replies
  • 0 Likes

Panorama REST API policy creation error with ' 'message': 'Invalid Body',

{'code': 3, 'message': 'Invalid Body', 'details': [{'@type': 'CauseInfo', 'causes': [{'code': 9, 'module': 'pan_api', 'description': 'Invalid Body'}]}]} I m able to create policy with POST method in panoram , however API doc for relase did not help as well. Url: https://192.168.1.1/restapi/v10.1/Policies/SecurityPreRules?locatio...

Panorama Syslog SSL error while writing stream

Hi we encounter issue show as below: Syslog SSL error while writing stream; tls_error=\'SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure\'. location=\'/opt/pancfg/mgmt/syslogng/pan_sysng.cfg:68:3\ found in syslog-ng.log as below: syslog-ng.log 2024-02-14 07:30:33Feb 14 07:30:33 DC1-L4-R25-EXT-PA01 syslog-ng[12083]: Syslog con...

Device Certificate for managed device

Hi guys, I am green to Palo Alto and handling the issue according to the Additional PAN-OS certificate, and I completed all the task mentioned in that article. After the first time installation, Panorama can access the internet but the managed devices do not. I wonder if the Palo Alto gateway can get re-install certificate 15 days before it ex...

Him_Lo by L1 Bithead
  • 970 Views
  • 0 replies
  • 0 Likes

Managed Logcollector

Dear All, I have Panorama M-300 with Maximum HDD capacity of RAID 16TB [4X4 TB]. And We do not have a dedicated log collector. Since it's a new installation when I check the RAID status Disk A and Disk B pair not in use. Also in the Managed Collectors I am seeing Out-Of-sync and IP address mismatch and unknown. I assume Do we need to give the P...

Firewall and Panorama mangement certificate expire

Hi, We recently upgraded the firewall models 3220 and 820 last week and are managing them through Panorama. However, we received an alert message yesterday and also getting the alert message if i logging the panorama. Should we ignore this alert? To check if the certificates are up to date, can we use the command "debug management-server pan...

Prisma Access 3.2 Known Issue CYR-28288

One of our customers was affected by the Prisma Access 3.2 Known Issue CYR-28288 CYR-28288 --> When performing commits or upgrades, a Prisma Access deployment requires internet connectivity; without internet connectivity, certificate validation will fail and commits are not possible. https://docs.paloaltonetworks.com/prisma/prisma-access...

Firewall has the IPSec tunnel but Panorama don't. How to fix?

Hi Guys, We have one of the IPSec tunnel missing on Panorama but it is configured on individual Firewalls (HA pair). The tunnel is up and running. We don't want any downtime on VPN tunnel. Can I simply add missing IPSec tunnel to Panorama and do just " Commit to Panorama"? Or is there something else needs to be done?

MINKU2 by L0 Member
  • 2191 Views
  • 1 replies
  • 0 Likes

XML API not working

I am facing an issue with the Palo Alto API where I am unable to exclude 'policy-and-objects' and 'shared-object' in partial changes. When I try to use the following XML structure in my API request: https://firewall/api?type=op&cmd=<show><config><list><changes><partial><policy-and-objects>excluded</po...

Schedule Firmware Update via Panorama or Schedule NGFW Reboot via Panorama

Title says it all. Need to patch 16 NGFWs in geographically disparate locations. I see that I can schedule config changes and exports I see that I can push firmware in 3 ways: download, download+install, download+install+reboot. I do not see any way to schedule this.I also don't see that I can schedule a reboot alone were I to perform firmwa...

Resolved! How to use "name-of-threatid" for threat types like "spyware"

Hello, I want to filter Panorama Monitoring results based on the field "name-of-threatid" for threat types like "Spyware". But when I click on of the results, I get a filter like this: "... and ( name-of-threatid eq 'Grayware:ZZZZZ.com' )" but when I want to apply this filter I get this error: It seems this field only accepts numbers. Do you ha...

Arman_Zaheri_0-1705929625551.png

How to set the rule order using CLI on Panorama

Hi, when configuring rules using CLI on Panorama, I used the following syntax, however, if I have multiple rules, how do I configure the order of different rules? set device-group DGName pre-rulebase security rules RuleName to xxxxxx set device-group DGName pre-rulebase security rules RuleName from xxxxxx

nowayout by L1 Bithead
  • 2477 Views
  • 1 replies
  • 0 Likes

Failover Panorama VM with ESXI

Hi, we will deploy panorama VM on ESXi server, but only have 1 Panorama VM instance and 1 panorama license. We want to use high availability from the Hypervisor ESXi, failover between 2 ESXi cluster. (Im not familiar with ESXi/VSphere) is this possible to do this and is UUID and CPUID will change on the Panorama, or is there anyone else w...

Assistance with Design of Palo Alto Firewalls & Panorama

Hello All, I have attached network topology based on Fortigate firewalls which needs to be migrated to Palo Alto on all 3 sites, Plus I Want to use PANOS SDWAN with Panorama as well, Brief description of network is - HO site will have 2 x PA 1410 in A/P HA - Virtual Panorama will be deployed in HO site - Branch A don't have a static Public IP...

  • 853 Posts
  • 47 Subscriptions
Top Liked Authors
View All
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks