This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Panorama Discussions
Post discussions about Panorama, a centralized network security management solution for all your Palo Alto Networks firewalls irrespective of their form factors or locations, in this forum.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Panorama Discussions
Post discussions about Panorama, a centralized network security management solution for all your Palo Alto Networks firewalls irrespective of their form factors or locations, in this forum.
About Panorama Discussions
Post discussions about Panorama, a centralized network security management solution for all your Palo Alto Networks firewalls irrespective of their form factors or locations, in this forum.

Discussions

Start a conversation

Welcome to the Panorama Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4842 Views
  • 0 replies
  • 0 Likes

Resolved! Push to Devices from Panorama is not working

Push to Devices from Panorama is not working when we make changes in the objects tab of any device groups belong to the firewalls managed by panorama. in other words, after making changes in the objects tab , we are able to commit to panorama but couldn't push it to the devices as commit is not triggered to the firewalls from panorama. Could ...

perumalj by L2 Linker
  • 5095 Views
  • 2 replies
  • 0 Likes

Resolved! Can't see firewall logs in Panorama

Hi, New to all things Palo Alto after coming from Cisco ASA and Firepower. I've been ask to set 2 Palo alto Firewall in HA, this has been successful. Added them to Panorama which appear to be successful and configure the Palo Altos to send logs to Panorama, on the Palo Alto under objects>Log forwarding> Created a profile and ticked t...

Suspicious VPN log in attempts - do you guys also get this?

We don't have users in Switzerland / Netherlands, but I can see consistent log in attempts from the GlobalProtect logs. I know the true locations is masked, but this is a persistent thing, wondering if you guys also get this? I've geo-blocked suspicious regions already, but these log ins still visible, maybe my policy is not working right. ...

RandyMeng_0-1698866278406.png

Resolved! Error: Failed to get policy objects: NO_MATCHES(Module: useridd)

HiiiiiI just created Device groups and pushed to devices. Only "PA-445_1" this devices received the following error message.Error: Failed to get policy objects: NO_MATCHES(Module: useridd)Dose anyone encountered this problem??? How to solve it. Thankkk!! The architecture is that Panorama manages 2 PA-445s. Each PA-445 is divided into vsys1 and...

qq.jpg
11.jpg
SunnyHu by L0 Member
  • 2122 Views
  • 2 replies
  • 0 Likes

Resolved! Panorama On Boarding

Hi. For the last 10 years, i am in charge of 3 PA devices. Device #1 (HA Pair of 1410) in the main site. Device #2 (460) in the DR site. Device #3 (440) in 2nd DR site. I have recently purchased Panorama to make it easier to deploy some shared policies and objects (right now I am doing this manually on each). I have already registered the de...

chens by L3 Networker
  • 8298 Views
  • 16 replies
  • 0 Likes

incorrect determination of the geo-sign of the IP network by Palo Alto networks 31.135.232.0/22

Good afternoon. We encountered a problem. We are the owners of the network 31.135.232.0/22. In the system "Palo Alto networks" it is determined by geo-identification as Ukrainian, although in fact it belongs to a Russian Internet provider. Accordingly, "Palo Alto networks" clients, when they want to block traffic based on geo-based characteristi...

tyrtyr by L1 Bithead
  • 2370 Views
  • 4 replies
  • 0 Likes

Importing Shared Object Questions

I have a relatively new Panorama installation. I want to associate 2 in production firewalls with ~1700 shared objects each. These two are only slightly different, I could make them the exact same with a little leg work. I associated and disassociated one of these firewalls in the past with this Panarama so it has ~1625 old shared objects lo...

Commit and Push to Devices - via API call to Panorama

Hi all, I am trying to develop a proof-of-concept script, where our SOC will push an a shared address object to Panorama, with a tag "SOC_IDENT_HIGHRISK". These objects will then be dynamically added to a security group to which block rules are applied. The issue I am having is with the final step "push to devices", referred to as "commit-all"...

Server error : No ECDSA host key is known for netadmin2.intra.chu-rennes.fr . Host key verification failed.

Hello team, I have a problem with my export configuration Panorama via scheduled task. When I make a test SCP server connexion I have this mesage : Before upgrade to 10.2 the export was working fine. I have also saw that PAN-188052 talk about this issue. Do you know how to fix it ? Could you help me please tu understand this problem. ...

Mamoudou_0-1665479202274.png
Mamoudou by L2 Linker
  • 20990 Views
  • 24 replies
  • 3 Likes

Resolved! "Bad template push candidate on disk"

Good Afternoon Everyone, I will start off with, I am very new to Palo Alto and I just want to make sure I don't jack anything up in my production environment. I got the following message when trying to push a change to one of my firewalls today: "Bad template push candidate on disk". I have done some research and it appears the following is t...

Panorama commit stuck at 50% for so long then fails (2)

Hi Team, I would like to seek for some advise. Panorama is not successful in committing in one of the managed firewalls. I already checked the "Share Unused Address and Service Objects with Devices" and set the timeout to 240 but issue is still existing. I kept digging here in Livecommunity and KnowledgeBase articles but no luck. Regard...

Panorama migration from M-100 to M-200

Dear Community, on weekend, I was migrating M-100 to M-200 and though it might be beneficial to share how it went. Migration scenario: 2x M-100 in HA in Panorama Mode + 2 log collector groups (1 group for M-500 log collectors and 1 group fop M-600 log collectors). The target was to replace 2x M-100 with 2x M-200 with minimum impact and with ...

PavelK by Cyber Elite
  • 6211 Views
  • 5 replies
  • 5 Likes

Dynamic Address Group - Insight in Member Values

I want to build dynamic address groups objects in panorama using tags on my address objects. In my mockup im using three tags, one for zone, one for "routed-in" and one for unique network (vlan or NSX-segment.) With thouse three I can tag all my address-objects and automagicly get those in the address group object. My issue with this is that in...

natmansmhi_0-1697722102153.png
natmansmhi_1-1697722472421.png
natmansmhi_2-1697722544010.png
  • 845 Posts
  • 47 Subscriptions
Top Solution Authors
View All
Top Liked Posts
View All
Top Liked Authors
View All
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks