This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Panorama Discussions
Post discussions about Panorama, a centralized network security management solution for all your Palo Alto Networks firewalls irrespective of their form factors or locations, in this forum.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Panorama Discussions
Post discussions about Panorama, a centralized network security management solution for all your Palo Alto Networks firewalls irrespective of their form factors or locations, in this forum.
About Panorama Discussions
Post discussions about Panorama, a centralized network security management solution for all your Palo Alto Networks firewalls irrespective of their form factors or locations, in this forum.

Discussions

Start a conversation

Welcome to the Panorama Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4840 Views
  • 0 replies
  • 0 Likes

How do I assign SD-wan interface profile to template when all sites have different speeds for fiber and cable.

How do I assign a SD-wan interface profile an interface in a template with 3 firewalls assigned to 3 groups based on site when each site has different speeds for each ISP? Do I have to go against palo alto recommendations and use 3 templates? Site 1 Fiber: 250Mbps/250MbpsSite 1 cable: 600Mbps/35Mbps Site 2 Fiber: 200Mbps/200MbpsSite 2 cable: 250...

Resolved! Validation Error: interface 'ethernet1/2' is already in use, but it isn't ... and zones are type unknown, but they aren't

Hi,When I try to push a config from Panorama to a PA-440, the commit fails because of these reasons. Which is strange because ethernet1/2 isn't in use (on the PA-440). Also the zones are configured and their type is defined.What am I missing here ? Thank you very much,

The Panorama IP has been changed on the firewall, but the firewall still has a session to the original IP

Panorama is used for management and log collection. The IP address of Panorama has not changed. There is a firewall outside Panorama, which maps the 3978 port of the firewall's exit IP to Panorama. The managed firewall was originally configured with the private network IP of panorama. Now it is changed to the mapped public network IP. After the ...

Wilbur by L1 Bithead
  • 5050 Views
  • 4 replies
  • 0 Likes

Dynamic Address Group values in Panorama

Is there a way to have the values from a dynamic address group show in Panorama if its placed in the group on a firewall itself? I was looking for a central place where a device can manually be removed from the group if needed and redistributed to all. The thought was for a dynamic address group for IPs that have a malicious wildfire event trigg...

Claw4609_0-1694441426570.png
Claw4609_1-1694441438604.png
Claw4609_2-1694441473457.png
Claw4609 by L5 Sessionator
  • 1043 Views
  • 0 replies
  • 0 Likes

Primary palo alto 220 missing on panorama but I can access it via CLI

Needing your help I'm newbie on Palo alto . We have a Panorama on one of our sites this is PA 200 before I'm seeing the primary on panorama but not its not. Although I can access it via SSH and use the CLI but when I run the show running sync-to-panorama command it was not on list. This panoramas are old ones and slow. The mgmt and policies are ...

weezy by L3 Networker
  • 3217 Views
  • 8 replies
  • 0 Likes

Terraform Panorama Nat Policy group panos_nat_rule_group on panorama is not working - Terraform version = "1.11.1"

Hi Team , We are testing the panos_nat_rule_group on panorama using terraform and somehow it is not working 1) Below is the official terraform documentation for Panorama Nat Policy grouphttps://registry.terraform.io/providers/migara/pan-os/latest/docs/resources/nat_rule_groupThe example provided is not working. When we do ‘terraform plan’ – it i...

Template stack override clear pending change

I mistakenly clicked an override on a template stack and now there are pending changes to be pushed to the firewalls. I tried the revert option in Panorama next to the commit button but it did not show any changes. I tried the Revert to running Panorama configuration and then selected one of the template stacks and clicked OK, when I click on...

HIP Notification + Windows Updates

I have HIP notifications set up when users do not have Microsoft patches greater than or equal 2 severity. I would like to only notify them if it is a Windows Update, specifically security updates. As of now, they are getting the notification for any patch from Microsoft with the severity greater than or equal to 2. I see in the GlobalProtect Ho...

Panorama managed devices lose configuration

On two occasions recently my firewalls stopped functioning correctly following a reboot.The first time affected a single firewall. I restarted the firewall in order to troubleshoot.The second time was after a software update. Both firewalls were rebooted.In both cases when the firewalls came back up they wouldn't process traffic correctly until ...

Template stacks and Vsys1

Hello, I am running into an issue when attempting to create a template stack and vsys1 not being able to be removed. I have a defined vsys that I want to use with all the necessary information already in it and as I start building out my stack I noticed that my preferred vsys is listed under Templates -> <Stack defined> -> virtual ...

generating a vm-auth-key - how to make it persistent

Hi All, On Panorama, is there a way to make a newly generated 'vm-auth-key' persistent so it can survive a reboot? request bootstrap vm-auth-key generate lifetime xxxx we want to set it to a lifetime of one year where we will auto deploy and scale VMs in AWS and have them auto register in Panorama thanks in adv

PA_nts by L4 Transporter
  • 1040 Views
  • 0 replies
  • 0 Likes

Resolved! How are duplicate shared objects identified in Panorama?

I know that when you migrate a firewall into Panorama and you keep the Import device's shared objects into Panorama's shared context box checked, this imports the firewall's objects as shared objects, unless there are duplicates. I'm wondering--how does Panorama identify any duplicates? Is it by the name of the object or other characteristics (s...

MDroyKT by L2 Linker
  • 11264 Views
  • 5 replies
  • 0 Likes
  • 844 Posts
  • 47 Subscriptions
Top Solution Authors
View All
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks