This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Panorama Discussions
Post discussions about Panorama, a centralized network security management solution for all your Palo Alto Networks firewalls irrespective of their form factors or locations, in this forum.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Panorama Discussions
Post discussions about Panorama, a centralized network security management solution for all your Palo Alto Networks firewalls irrespective of their form factors or locations, in this forum.
About Panorama Discussions
Post discussions about Panorama, a centralized network security management solution for all your Palo Alto Networks firewalls irrespective of their form factors or locations, in this forum.

Discussions

Start a conversation

Welcome to the Panorama Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4845 Views
  • 0 replies
  • 0 Likes

Resolved! Do Panorama-created Pre-Rules still work if Panorama goes down?

Hi Community, I have a newer implementation of Panorama and saw on the Palo Alto subreddit that if Panorama goes down, all the Pre- and Post-Rules will not work and only Local rules on the firewalls will apply. I thought that when you create policies in Pre-Rules on Panorama and then push them to devices, that they now exist on the device's ...

MDroyKT by L2 Linker
  • 2682 Views
  • 2 replies
  • 0 Likes

Resolved! Panorama M-200 device displaying old committed items that needed to be pushed

Good day everyone, I have another inquiry but this time for Panorama, so here's how it went. We have a Panorama M-200 that is on 10.2.4, we are experiencing some problem when it comes to push to device. The aforementioned steps below temporarily fixed the problem, but when there is a new configuration that needed to be committed and pushed, th...

Resolved! Log Forwarding of Traffic Logs to External Syslog server

Hi, we have firewalls configured to send their logs to Panorama Log Collectors and now want to forward the logs from there to a new Splunk server. We have configured the Log Collectors to forward certain log types (e.g. system, threat, traffic, url) to the Splunk server but in Splunk we only see the system logs and not the traffic logs.

New Panorama VM 10.1.0 stuck in maintenance mode

We are trying to deploy new Panorama VM base image 10.1.9 and while booting it is going into maintenance mode directly. We are unable to pass maintenance mode even after reboot, reset, rollback. We verified prerequisites which are configured correctly. Kindly assist.

kandaspr by L1 Bithead
  • 2812 Views
  • 1 replies
  • 0 Likes

Change hostnames of devices being managed by Panorama

I want to change the hostnames of an HA pair that is being managed by Panorama. When I go to Panorama > Device I see the hostnames I want to change there. Are those being pulled from the hosts themselves? If so can I just change them on each FW and be done? Or do I need to do it from PANORAMA? I don't use templates even though it seems...

drewdown by L4 Transporter
  • 2950 Views
  • 1 replies
  • 0 Likes

Forward logs from firewalls to Panorama and from Panorama to external services

Hi, I planning to forward the Panorama logs to azure sentinel, while I have log collector configured to log to Panorama. I found a document that specifies that it not possible "A Panorama virtual appliance running Panorama 6.0 or later releases, and M-Series appliances running any release, do not support these options because the log databas...

ssh invalid commit error

We have upgraded our palo alto firewall from 9.2.x to 10.2.4 after degradation from Panroma getting error as " out of sync ". we tried to commit and push from Panorma but we were unable to commit getting the error " SSH invalid" kindly help us to resove this issue

sujithGovindaraj_0-1686194452743.png

Getting Set VSYS message when creating Panorama certificates

I am creating a certificate/CSR for my management TLS login. I created a cert, but when going to export the CSR, or anything else on the bottom bar, I get a hovering message "You need to assign a default VSYS to current template first" I can't find anywhere in Panorama to set the VSYS, all my device templates have VSYS1, Tried many documents, ...

Collect data on and then block file-sharing application IDs.

I'm looking for a method to collect data passing through all location firewalls on what app-id tagged traffic for "file-sharing" is passing through (such as dropbox, onedrive, gdrive, etc.) and consolidate our organize to a single filesharing service. Once I've collected what is the most popular service, I want to put in place a policy to block ...

Resolved! ACC on Panorama show only risk 1

Hi everyone, I have a problem with ACC on Panorama showing only risk 1. Using Panorama-VM and Firewall PA-440 I try to -restart management server on Firewall and Panorama. -upgrade panorama from PAN10.1.8 to 10.1.9-h1 currently, panorama running PAN-OS 10.1.9-h1, Firewall running PAN-OS 10.1.8-h2

Warning: spyware-profile Profile_Anti-Spyware(id: 251) is considered duplicate of DNSServer_Anti-Spyware(id: 255)

Hello PA community, I found the problem that "Warning: spyware-profile Profile_Anti-Spyware(id: 251) is considered duplicate of DNSServer_Anti-Spyware(id: 255)" I noticed that it's a warning even after I upgraded panorama to 10.2.4, why warning still appear? ID : PAN-193026 What can we do or do we need to modify the profile to be different s...

SNMPv3 Panorama Device Monitoring

I am preparing to onboard a new client that has multiple Palo Alto devices at various locations around the globe. They do have a Panorama management system already, but what I'm curious about is if I can connect my SNMP manager to Panorama and have it effectively import all joined Panorama-managed Palo Alto devices via that single SNMP connecti...

mdswish by L0 Member
  • 1500 Views
  • 0 replies
  • 0 Likes

I want to integrate LDAP in Panorama

I have Panorama on VM and i am trying to configure LDAP, i have setup LDAP profile and then trying to tie LDAP profile with Management interface but it looks like i am not getting any option where i can select LDAP profile from dropdown list, If LDAP tie up with Management Interface is not allowed ? Kindly help.

Resolved! Can I migrate policy rules from pre-rules to post-rules category and push to Firewalls without causing downtime?

So, I am new to palo-alto and I created some pretty general policies for internal-to-dmz communication, I now wanted to create a policy that would target specific host-to-destinations for testing, however, I noticed that the primary "Allow All" policy was set in the pre-rules, which takes precedence in the hierarchy. (Top to bottom). So what I n...

fbarnard by L0 Member
  • 3529 Views
  • 2 replies
  • 0 Likes
  • 845 Posts
  • 47 Subscriptions
Top Solution Authors
View All
Top Liked Posts
View All
Top Liked Authors
View All
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks