Panorama Discussions

Welcome to the Panorama Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

Resolved! Need to upgrade the Panorama version to 9.1.12-h3 to mitigate log4j vulnerability

Hi Team,

We are running Panorama on VM-Ware ESXI. We need to install 9.1.12 -h3 version but whlle going to software session to download 9.1.13 h3 we could see multiple PAN-OS versions in 9.1.12-h3 itself.

Could anyone let us know which OS-Version

...

Managing HA Settings of firewall locally instead of managing it from Panorama

Hi Folks,

We had recently migrated HA firewall to Panorama using the below documentation

Migrate a Firewall HA Pair to Panorama Management:

https://docs.paloaltonetworks.com/panorama/10-0/panorama-admin/manage-firewalls/transition-a-firewall-t

...

worldarchitecturenews.com is blocked in URL filtering by news category

The URL: worldarchitecturenews.com

was earlier accessible through port 80 but later on it migrated to port : 443 and it became inaccessible. Giving block page when trying to access the URL. The URL is blocked under news category with no Applicatio

...

Packet Deny even if there is an allow rule

Hello,

we're encountred an issue with SAAS service, we created a security rule

but randomly we had issue during connection into the application, after packet capture, I saw a lot of tcp retransmission and client reset

When I checked the pa

...

Resolved! HTTP Response traffic

Hi guys, I have been seeing that when making an http connection that goes through the PA firewall, the request is logged, but the return message is not, that is, when in panorama I filter the traffic by source ip I see the http request but I do not s

...

Resolved! Failure to Commit changes in Panorama after removing a firewall as managed device

I removed a firewall that is managed through Panorama by going to Panorama > Managed Devices > Summary, selecting my firewall then selecting delete. This removed the firewall for me succesfully. However, when I go to make a Commit in Panorama it thro

...

Log4j

What would I look for in logs if I were looking to see we had already been owned by this?

Because of CVE-2021-44228, need to upgrade Panorama

Managed Palo Alto firewalls are running 9.1.11 and are unaffected by CVE-2021-44228 but Panorama running 9.1.11 is. If I upgrade Panorama to 10.1.2, will I have any problem with it seeing and managing the managed Palo's still running 9.1.11?

Panorama upgrade to 10.1.3-h

Panorama mgmt has been upgraded from 9.1.10 to 10.0.0 and then to 10.1.3-h. Post the upgrade, logs are not showing up in the monitor and not able to commit any changes.

Palo alto firewalls are running with 9.1.6 version; is it a compatibility issue

...

Resolved! New Object not showing in Panorama

Hello,

We are trying to build templates with IP addresses that are relevant to a device group.

I have created a TEST_TEMPLATE under Panorama>Templates with NO devices added yet.

Then created 'CORP' in the Device Groups.

After this, created a device gr

...

Resolved! CVE-2021-44228 / Panorama

As most are aware, Panorama running 9.x are affected by log4j vulnerability. The security advisory mentions "This issue is only applicable to Panorama hardware and virtual appliances that have run in Panorama Mode or Log Collector Mode as part of a

...

How to use ip public by from organization

Hi every one,

I'm very nice to tall to you. I dont know how to use block IP that I bought from the Organization. When I bough block of IP, I got an AS number. I hire transit ip service from ISP. I config BGP to neighbor with ISP, after that, I dont

...

Resolved! Device deployment from Panorama

Panorama > Device Deployment > Dynamic Updates > Applications and Threats

Not all of my devices are showing up? If I choose install for the "contents" they all show (current or older versions), but not if I choose install for "Apps".

All versions o

...

Disable inherited policies in a Device Group

I'm guessing this would be a Feature Request, as it's something that's not available in Panorama 7.x, 8.x, or 9.x (haven't checked 10.x).

Is there a way to disable Policies (whether Security, NAT, QoS, etc) that have been inherited via the Device G

...

Migrate Panorama from Azure to ESXi is failed

I am trying migration Panorama with following procedure but have not succeeded, yet.

https://docs.paloaltonetworks.com/panorama/8-1/panorama-admin/set-up-panorama/transition-to-a-different-panorama-model/migrate-a-panorama-virtual-appliance-to-a-di

...

Discussions

Welcome to the Panorama Discussions!

Rules and Best Practices

Resolved! Need to upgrade the Panorama version to 9.1.12-h3 to mitigate log4j vulnerability

Managing HA Settings of firewall locally instead of managing it from Panorama

worldarchitecturenews.com is blocked in URL filtering by news category

Packet Deny even if there is an allow rule

Resolved! HTTP Response traffic

Resolved! Failure to Commit changes in Panorama after removing a firewall as managed device

Log4j

Because of CVE-2021-44228, need to upgrade Panorama

Panorama upgrade to 10.1.3-h

Resolved! New Object not showing in Panorama

Resolved! CVE-2021-44228 / Panorama

How to use ip public by from organization

Resolved! Device deployment from Panorama

Disable inherited policies in a Device Group

Migrate Panorama from Azure to ESXi is failed

Process to Rebuild Panorama with Prisma Access & Prisma SDWAN

Panorama - HA - Last primary-suspended state reason: User requested

Usergroup

Palo Alto M700 power failure LED

Upgrade to 11.1.4-h1 for both Panorama and managed firewalls

Re: How to Fully Back Up Panorama VM in Azure

Panorama Splunk Logs Forwarding

Re: Panorama PUSH scope shows stale object - 10.2.5-h1

Re: All committed entries with commit version < 3434 have been cleaned up from the replay database.

Re: HA cluster status 'cluster-unknown'

Unlock your full community experience!

Panorama Discussions

Rules and Best Practices

Resolved! Need to upgrade the Panorama version to 9.1.12-h3 to mitigate log4j vulnerability

Resolved! HTTP Response traffic

Resolved! Failure to Commit changes in Panorama after removing a firewall as managed device

Resolved! New Object not showing in Panorama

Resolved! CVE-2021-44228 / Panorama

Resolved! Device deployment from Panorama