Software version Downgrade from 10.1.1 to 10.2.7 for Panorama

When trying to downgrade the PAN-OS version from 10.1.1 to 10.2.7 due to a DLP plugin validation error, we encountering the following error: Does anyone know how to resolve this issue? Failed to install 10.2.7-h3 with the following errors.SW version is 10.2.7-h3Nothing pending to cancelError: Please uninstall openconfig plugin before downgradi...

Hidden Administrator accounts in Panorama

Hello everyone, I just wanted to commit some changes to our panorama configuration and noticed, that a new user with the name "__vm_series" was added in the commit changes as a full panorama-admin. Curiously, that user was hidden in the web-gui under Panorama -> Administrators. This was among some changes around adding new firewalls, so my be...

VM sdb drive shows 1.7TB in CLI and not seen in GUI for Panorama

Hi, We are trying to rebuild our Panorama instances that did a hard crash we could not recover from using 10.1.5h1. We started with a 10.0 ova file and then upgraded to 10.1 and then 10.1.5h2. When we tried to commit the snapshot we saved from the secondary we noticed that it failed because there we only 13GB of disk space for logs. The CLI show...

Panorama PanOS 10.2.2-h2 relogin "Session has expired..." issue

We have an issue with the login page of panorama. When we get kicked out of panorama due to a timeout, logging in again doesn't work and we get redirected to the following page. This happens in different browsers (Edge, Chrome, Safari).

RDP connection incomplete

Hi Team, we have allowed RDP port from pan when i see logs its showing action is allowed application is incomplete & session end reason -aged out user is able to do telnet but when he tries to take RDP its fails please help us.

Gemini (formally Bard) App-ID news.

Since the artificial intelligence tool Bard is now Gemini. Has there been any news on when they will switch and ad an App-ID for Gemini? I know for ChatGPT and Bard they were quite quick to add them. Surprising they haven't given the popularity of Artificial Intelligence and the utilization has only gone up.

Palo Alto Panorama All wildfire logs have the same hash value. What's the problem?

Auto Renewal for Certificates?

Hello,I wanted to see if there was a way to set up "Auto Renewal" for our certificates for GlobalProtect? Not sure if this is even an option or not. Right now, we manually renew and import/export the certificate.

Panorama and Firewall Communication

Dear All, I have Panorama hosted in one of the location [where geo graphically separated] abd my Managed firewall are located across the globe. Due to Embargoed few countries I don't have option to establish S2S VPN or any other over lay. So I have left with option plain internet. Question1: What are the communication I could expect from Pa...

Pushing template from Panorama resulting in error

Imported Palo Alto configuration to PanoramaModified BGP configuration..to be precise added "deny" rules under bgp>import>committed changes to PanoramaPushed the modified templates to the same device from where I imported the config. Commit is failing with below errors:Details:. Validation Error:. import -> network -> interface 'sdwa...

Panorama vCenter Plugin - What happens if VMWare vCenter is down?

Hello all, we are using Panorama with VMWare vCenter Plugin v2.1, connected to several vCenters to pull IP information about several VMs to be then used in polices on the firewalls. Now the question came up, what will happen if a vCenter isn't reachable when the sync tries to collect the actual IP mappings? Will the IP-mappings on the firewall...

Disabled rules on Panorama being pushed to firewall

Hi All, I had a very strange behavior recently on panorama. Disabled rules don't go to firewalls when a push is performed from Panorama, but I had a disabled rule on panorama which got pushed to firewalls. Please find below events in the order they appeared. 1. I had disabled a Security Rule and 2 PBF rules on Panorama and pushed the config...