This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Panorama Discussions
Post discussions about Panorama, a centralized network security management solution for all your Palo Alto Networks firewalls irrespective of their form factors or locations, in this forum.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Panorama Discussions
Post discussions about Panorama, a centralized network security management solution for all your Palo Alto Networks firewalls irrespective of their form factors or locations, in this forum.
About Panorama Discussions
Post discussions about Panorama, a centralized network security management solution for all your Palo Alto Networks firewalls irrespective of their form factors or locations, in this forum.

Discussions

Start a conversation

Welcome to the Panorama Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4916 Views
  • 0 replies
  • 0 Likes

Getting Set VSYS message when creating Panorama certificates

I am creating a certificate/CSR for my management TLS login. I created a cert, but when going to export the CSR, or anything else on the bottom bar, I get a hovering message "You need to assign a default VSYS to current template first" I can't find anywhere in Panorama to set the VSYS, all my device templates have VSYS1, Tried many documents, ...

Collect data on and then block file-sharing application IDs.

I'm looking for a method to collect data passing through all location firewalls on what app-id tagged traffic for "file-sharing" is passing through (such as dropbox, onedrive, gdrive, etc.) and consolidate our organize to a single filesharing service. Once I've collected what is the most popular service, I want to put in place a policy to block ...

Resolved! ACC on Panorama show only risk 1

Hi everyone, I have a problem with ACC on Panorama showing only risk 1. Using Panorama-VM and Firewall PA-440 I try to -restart management server on Firewall and Panorama. -upgrade panorama from PAN10.1.8 to 10.1.9-h1 currently, panorama running PAN-OS 10.1.9-h1, Firewall running PAN-OS 10.1.8-h2

Warning: spyware-profile Profile_Anti-Spyware(id: 251) is considered duplicate of DNSServer_Anti-Spyware(id: 255)

Hello PA community, I found the problem that "Warning: spyware-profile Profile_Anti-Spyware(id: 251) is considered duplicate of DNSServer_Anti-Spyware(id: 255)" I noticed that it's a warning even after I upgraded panorama to 10.2.4, why warning still appear? ID : PAN-193026 What can we do or do we need to modify the profile to be different s...

SNMPv3 Panorama Device Monitoring

I am preparing to onboard a new client that has multiple Palo Alto devices at various locations around the globe. They do have a Panorama management system already, but what I'm curious about is if I can connect my SNMP manager to Panorama and have it effectively import all joined Panorama-managed Palo Alto devices via that single SNMP connecti...

mdswish by L0 Member
  • 1544 Views
  • 0 replies
  • 0 Likes

I want to integrate LDAP in Panorama

I have Panorama on VM and i am trying to configure LDAP, i have setup LDAP profile and then trying to tie LDAP profile with Management interface but it looks like i am not getting any option where i can select LDAP profile from dropdown list, If LDAP tie up with Management Interface is not allowed ? Kindly help.

Resolved! Can I migrate policy rules from pre-rules to post-rules category and push to Firewalls without causing downtime?

So, I am new to palo-alto and I created some pretty general policies for internal-to-dmz communication, I now wanted to create a policy that would target specific host-to-destinations for testing, however, I noticed that the primary "Allow All" policy was set in the pre-rules, which takes precedence in the hierarchy. (Top to bottom). So what I n...

fbarnard by L0 Member
  • 3649 Views
  • 2 replies
  • 0 Likes

MIgrate drives from a retiring M200 and install them in a M600 appliance as expansion

I would like to take the 8 gig drives from a retiring M200 appliance, format, and install them in a M600 appliance in the expansion bays for additional storage. Is there a procedure available to 1. Format the drives on the M200, 2. Install in the M600, and 3. Add them to the existing storage as expanded space.

IPSEC VPN

I am working in a lab with VMware virtual machine and when I do VPN it throws the following error: ike phase 1 negotiation fails as initiator, main mode failed SA: 192.168.1.1[500]-203.0.113.40[500]Due to time. My firewall B is on another machine with another VM. Can you help me please?

Query regarding the Log Collector Disk Backup

How to take the backup of all the logs which are currently stored in the Log Collector disk (Approx. 300GB of data over 1 year). I have tried the export of logs from the Monitor TAB in CSV format but it's a really massive task to individually download so many logs in excel.

Python - Check Panorama Template - Certificates expiration

Hello everyone, I hope you are doing well! We had an issue with certificate that as expired on one of our customer's device.I know it exist this Github : https://github.com/ip-life-net/palo-check-cert-expiry and it works flawlessly with one device but, I try to figure out how to do this on Panorama I found the SDK and seems to be a good starti...

vegiardj by L0 Member
  • 1783 Views
  • 0 replies
  • 0 Likes

When a firewall configuration migrated to the panorama, objects tab configuration imported as a shared object and got impact with other firewalls.

Hi team, While integrating a firewall into the panorama, I imported as a Device >Setup >Operations >Import device configuration as Panorama. The firewall configuration in the objects tab was imported as a shared object and impacted the other firewall configurations. I followed the admin guide for Firewall migration to the panorama. It i...

Screenshot 2023-05-03 173745.png
Screenshot 2023-05-03 173018.png
Screenshot 2023-05-03 173533.png
Screenshot 2023-05-04 201821.png

Panorama read only tunnel interfaces?

Hi I have a Panorama appliance and i am configuring our firewalls for global protect VPN, but i noticed once i pushed out the config for the gateway, it fails as the because it says the tunnel interface doesnt have a virtual router! I checked my config on the panorama and i have pushed out a default router, zones and interfaces to both firewall...

Resolved! Update software for a new Palo Alto 5260 FW through Panorama

Hi,I am fairly new to the game, and in need of some help. I have gotten a brand new PA-5260 fw. The plan for this is to have it in backup in case anything would happen to one of the others fw.My task is to only update the software on the new PA-5260 from 9.1.4 > 10.1.6-h6, which is the version the other fw are running on now. On the new PA-52...

  • 853 Posts
  • 47 Subscriptions
Top Liked Authors
View All
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks