This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Panorama Discussions
Post discussions about Panorama, a centralized network security management solution for all your Palo Alto Networks firewalls irrespective of their form factors or locations, in this forum.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Panorama Discussions
Post discussions about Panorama, a centralized network security management solution for all your Palo Alto Networks firewalls irrespective of their form factors or locations, in this forum.
About Panorama Discussions
Post discussions about Panorama, a centralized network security management solution for all your Palo Alto Networks firewalls irrespective of their form factors or locations, in this forum.

Discussions

Start a conversation

Welcome to the Panorama Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4906 Views
  • 0 replies
  • 0 Likes

Importing Shared Object Questions

I have a relatively new Panorama installation. I want to associate 2 in production firewalls with ~1700 shared objects each. These two are only slightly different, I could make them the exact same with a little leg work. I associated and disassociated one of these firewalls in the past with this Panarama so it has ~1625 old shared objects lo...

Commit and Push to Devices - via API call to Panorama

Hi all, I am trying to develop a proof-of-concept script, where our SOC will push an a shared address object to Panorama, with a tag "SOC_IDENT_HIGHRISK". These objects will then be dynamically added to a security group to which block rules are applied. The issue I am having is with the final step "push to devices", referred to as "commit-all"...

Server error : No ECDSA host key is known for netadmin2.intra.chu-rennes.fr . Host key verification failed.

Hello team, I have a problem with my export configuration Panorama via scheduled task. When I make a test SCP server connexion I have this mesage : Before upgrade to 10.2 the export was working fine. I have also saw that PAN-188052 talk about this issue. Do you know how to fix it ? Could you help me please tu understand this problem. ...

Mamoudou_0-1665479202274.png
Mamoudou by L2 Linker
  • 21739 Views
  • 24 replies
  • 3 Likes

Resolved! "Bad template push candidate on disk"

Good Afternoon Everyone, I will start off with, I am very new to Palo Alto and I just want to make sure I don't jack anything up in my production environment. I got the following message when trying to push a change to one of my firewalls today: "Bad template push candidate on disk". I have done some research and it appears the following is t...

Panorama commit stuck at 50% for so long then fails (2)

Hi Team, I would like to seek for some advise. Panorama is not successful in committing in one of the managed firewalls. I already checked the "Share Unused Address and Service Objects with Devices" and set the timeout to 240 but issue is still existing. I kept digging here in Livecommunity and KnowledgeBase articles but no luck. Regard...

Panorama migration from M-100 to M-200

Dear Community, on weekend, I was migrating M-100 to M-200 and though it might be beneficial to share how it went. Migration scenario: 2x M-100 in HA in Panorama Mode + 2 log collector groups (1 group for M-500 log collectors and 1 group fop M-600 log collectors). The target was to replace 2x M-100 with 2x M-200 with minimum impact and with ...

PavelK by Cyber Elite
  • 6490 Views
  • 5 replies
  • 5 Likes

Dynamic Address Group - Insight in Member Values

I want to build dynamic address groups objects in panorama using tags on my address objects. In my mockup im using three tags, one for zone, one for "routed-in" and one for unique network (vlan or NSX-segment.) With thouse three I can tag all my address-objects and automagicly get those in the address group object. My issue with this is that in...

natmansmhi_0-1697722102153.png
natmansmhi_1-1697722472421.png
natmansmhi_2-1697722544010.png

Configure Panorama as standalone syslog server

Hi, my customer would like use a Panorama device as standalone syslog server (using standard syslog tcp/udp port 514), so that it can collect logs for firewalls it does not manage. Is it possible? So we can configure on the Panorama that manage the firewalls, a syslog server profile pointing the ip address of the standalone syslog server Panoram...

Resolved! error shown - Panel for undefined not registered

Hi Team, We are getting below error in panorama The Pan-os Version is - 10.1.5 We have followed the below document for the same but still same issue, https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000CleXCAS Please help me to resolve the issue,

SubaMuthuram_0-1651131288955.png

Resolved! Passive firewall is disconnected from Panorama

Hello, I made the mistake of suspending one of our 440's from HA prior to updating panorama. After completing the Panorama upgrade to 10.1.10-h2 from 10.1.6 I went to upgrade the firewall that I suspended from high availability, but it is not listed in Pano. HA status from both firewalls shows enabled/connected when I checked from cli using 's...

MNoble by L2 Linker
  • 4187 Views
  • 2 replies
  • 0 Likes

Filtering panorama policies by modified date.

I'm trying to do some auditing of firewall policies. The organization that I'm working with is wanting an automated way to identify rules that have been disabled for 6 months so they can go in and delete them. The thought I had was to look at the modified date and disabled status to identify the rules - I have seen suggestions about adding thi...

Resolved! Query on Policy creation

I got a request from my client to create the below policy. The destination address is given as "IS NOT "abcd.xyz.com"". I checked all options to find the 'IS NOT' reference in the policy options but didn't find any. Please let me know if there are any references for the given scenario. Name of the policy: XYZSource Zone: TrustSource: AnyD...

nazddk by L1 Bithead
  • 1709 Views
  • 1 replies
  • 0 Likes
  • 853 Posts
  • 47 Subscriptions
Top Liked Authors
View All
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks