Panorama Discussions
Post discussions about Panorama, a centralized network security management solution for all your Palo Alto Networks firewalls irrespective of their form factors or locations, in this forum.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Panorama Discussions
Post discussions about Panorama, a centralized network security management solution for all your Palo Alto Networks firewalls irrespective of their form factors or locations, in this forum.
About Panorama Discussions
Post discussions about Panorama, a centralized network security management solution for all your Palo Alto Networks firewalls irrespective of their form factors or locations, in this forum.

Discussions

Welcome to the Panorama Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4947 Views
  • 0 replies
  • 0 Likes

Resolved! Can't commit from Panorama due to mis-match Vsys number between Pan and local box

wanted to know if anyone has ever experienced this issue. recently configured a new Vsys "Vsys6" which was successfully added to the correct Template_stack and device groups. everything worked fine for 2-3 weeks, however last night after adding 2 Sec.policies to the new Vsys. the commit failed. FYI for security i've edited the zone names and pol...

Resolved! Exact Log4J version on Panorama 9.0.15

Hello everyone, I just upgraded our Panorama servers to 9.0.15, but our SOC team is asking to know the exact log4j version included in this hotfix release, because they want all appliances to be upgraded to log4j 2.16. According to this page (https://docs.paloaltonetworks.com/oss-listings/panorama-oss-listings/panorama-9-0-open-source-softwa...

grenzi by L3 Networker
  • 3026 Views
  • 1 replies
  • 0 Likes

Resolved! want to add third log collector in Panorama HA

We have two panorama (M200) in HA with single collector group , local log collector of both panorama we have added in same collector group and enabled redundancy.Due to low disk-space we want to add one more log collector. So there will be three log-collector in same LC group. Can I add third LC ,( if Panorama in HA and already added LC's are pa...

Deepak25 by L3 Networker
  • 5400 Views
  • 7 replies
  • 0 Likes

Resolved! Restore Panorama after hardware failure

How do I restore Panorama configuration? I do a "Scheduled Config Export" every night. Old Panorama VM had to be rebuilt from scratch. No access to old VM. I have rebuilt the VM from OVA. When I try to "Import name Panorama configuration snapshot" per restore documents I get an error that the file is not an .xml. What is the procedure to use...

Joel_W by L1 Bithead
  • 7236 Views
  • 3 replies
  • 0 Likes

what is the difference between "commit to panorama" and "save changes"?

I do see commit and config options in Panorama. I am aware that commit option is used to push configuration to Panorama and then to Managed firewalls. I would like to know when to use "save changes" and what is it for under config options.if possible , Please also explain about Lock option. Lock option is used to lock commit when multiple users ...

perumalj by L2 Linker
  • 3917 Views
  • 1 replies
  • 0 Likes

HIP-PROFILES IS A DUPLICATE NODE ERROR

Hello , I got a strange situation on my Panorama 10.0.7 software version . When i'm trying to push security policies from it to managed firewall from a lower OS version like 8.1.x i'm receiving this " hip-profiles is a duplicate node " error . As i understood after some researches is that Panorama is using this HIP-Profile feature , and the ...

Nicu21 by L1 Bithead
  • 2772 Views
  • 1 replies
  • 0 Likes

Is there a way to see all raw data collected by GlobalProtect APP ?

Hi, I see in the below document, that you need to create HIP Object/Profile to view the raw host data collected by the GlobalProtect APP. My question is there a way to skip this step and see all raw host data collected by GlobalProtect APP without defining the HIP object/profile ? https://docs.paloaltonetworks.com/globalprotect/9-1/globalprote...

saswins by L1 Bithead
  • 2310 Views
  • 1 replies
  • 0 Likes

Panorama template limitations

Hi Folks, We had recently migrated HA Firewall pair to Panorama. We had observed that after migration the HA Settings (HA peer IP address, device ID, etc), Management IP address are over-ridden locally on the firewall. I had gone through an documentation stating the limitation of templates. There it is mentioned as Configure the IP ...

So.... Crimea is gone?

Was trying to commit some shared objects and getting an interesting error: Validation Error: shared -> pre-rulebase -> security -> rules -> GeoBlocking_Outbound -> destination 'CE' is not an allowed keyword shared -> pre-rulebase -> security -> rules -> GeoBlocking_Outbound -> destination CE is an invalid ipv4/v6...

Lenz by L0 Member
  • 3310 Views
  • 1 replies
  • 2 Likes

Resolved! Dynamic apps and threats update failed for pattern 8510

We're running a PA-820 physical FW at software level 9.1.12-h3. I tried to manually update the apps and threats pattern published this morning (as we only update daily and it was published about 30 minutes after our system automatically checks). Downloading the pattern works fine, but when I try to install it, it gets to about 49%, then slows do...

SBDC by L1 Bithead
  • 6528 Views
  • 4 replies
  • 0 Likes

Resolved! Panorama log-collector

We have two panorama and newly upgraded to 10.1.3.-h1 and HA and Panorama mode. One log-collector group and two log-collectors . All devices are have them in prefer-list one of log-collectors has 0% avg log/sec . is it normal ?

JeffKim_0-1640199656569.png
JeffKim by L2 Linker
  • 23832 Views
  • 11 replies
  • 0 Likes

Resolved! Question about connection ID Panorama lr or ms

Hello team, What is difference between ID connection ms and lr? I see that daemon is different but I don't undestand the difference between both, Anybody has a sk or similar for I can understand it? I want to confirm that the forwarding is working correctly and why one shows only system logs and the other shows the others. Source IP : De...

Alpalo by L4 Transporter
  • 5120 Views
  • 1 replies
  • 1 Likes
  • 723 Posts
  • 47 Subscriptions
Labels