This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Panorama Discussions
Post discussions about Panorama, a centralized network security management solution for all your Palo Alto Networks firewalls irrespective of their form factors or locations, in this forum.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Panorama Discussions
Post discussions about Panorama, a centralized network security management solution for all your Palo Alto Networks firewalls irrespective of their form factors or locations, in this forum.
About Panorama Discussions
Post discussions about Panorama, a centralized network security management solution for all your Palo Alto Networks firewalls irrespective of their form factors or locations, in this forum.

Discussions

Start a conversation

Welcome to the Panorama Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4916 Views
  • 0 replies
  • 0 Likes

Resolved! Migrate firewall to New Panorama and IPSEC VPN Preshared key is not migrating over with the config

I have migrate 4 firewalls from old panorama VM to new panorama VM and notice the preshared key for IPSEC is missing. My customer have lost their all IPSEC VPN preshared key is there any method I can migrate the firewall to new Panorama I can migrate with the Panorama. We are following below guide to migrate the panorama https://docs.paloalto...

JiaXiang by L4 Transporter
  • 3558 Views
  • 1 replies
  • 0 Likes

Commit issue after upgrade Panorama 9.1.13-h3

After upgrade panorama to 9.1.13-h3 version, I faced with some problems. ( 9.1.13-h3>preferred release) When Location Shared is selected when changes are made to the objects on the panorama, it does not commit to all related devices.In this version, when it is Shared, it automatically commits the location to all relevant branches without sele...

Master User-id device receives non-functioning configuration for userID Group Include list from Panorama

I have a User-Id configuration that has been working successfully for 6 months. I went to add a new group to the group include list, and the syntax that was written from Panorama had JUST the group name in this form :domain\group_name. The working groups as listed by running the 'show config merged | match group-include-list' all have a syntax...

Prevent users to use outlook email from public network

Hi All We want to block Microsoft Outlook client for our end user so that they cannot download or access their emails while connected to public WiFi. We don't want to block OWA (outlook web access) because that doesn't download emails on the user computers. We are hosting exchange server internally and not using office365. Can someone please s...

rest API for auditing Panorama

Hi, I need to do an audit for panorama to check for objects created and linked to security rules. Is it possible to do it using rest API and script? any help will be appreciated. Thanks, Abdel

Resolved! Fail to migrate Palo HA FW to Panorama Mgmt

Hello, I tried to migrate Palo HA FW to Panorama mgmt as per below guideline link, but fail in step 5.5. this is the step what I did; - Clear "Enable Config Sync" on both FW (OK)- Connect both FW to Panorama (OK)- Add both FW to Panorama (OK)- Import config of both FW into Panorama (OK, but show alert icon(indicate "HA: not in operation") device...

zinkt101 by L1 Bithead
  • 9232 Views
  • 8 replies
  • 0 Likes

Panorama logs - using local Panorama VM disk for logging - unable to view logs from firewalls prior to 00:29

I have Panorama VM running in "Panorama mode" on VM ESXi, version 10.1.4 I have configured "managed Collector" to be Panorama, and diskA (which is a 2TB disk) with a "Collector Group" for 1x HA firewalls to send logs to When i view the logs in Panorama, i see the logs from the firewall devices, but i never see the logs from the previous day...

CarlUK by L0 Member
  • 2468 Views
  • 1 replies
  • 0 Likes

Resolved! Log forwarding to syslog server from Panorama or Firewall

Hello everyone, I have a question for log traffic and forwarding to syslog server. I have one panorama that managed a firewall pa-5250 and I see log traffic on two devices. But when I want to forward it to a syslog, I have to forward panorama's log or firewall pa-5250's log ? Thank's in advance !!

EndritK by L0 Member
  • 5640 Views
  • 2 replies
  • 0 Likes

Logs from secondary Panorama

Hello Team, We are having two panorama's configured in HA. As of now all the traffic is been handled by Primary Panorama and secondary is on handby. Now can we use the secondary panorama for log collection to decrease the CPU on primary? if so kindly let us know how ?

Goutham by L0 Member
  • 2282 Views
  • 1 replies
  • 0 Likes

Resolved! Referencing items in a template that are defined in another template.

I have one template that had most of my default settings that get pushed to all my firewalls. In this template, I have defined authentication profiles. I have another template that I am using to push Global Protect Portal/gateway settings to a firewall. Both of these templates are in the same template stack. The problem I am having is th...

RHuss1 by L1 Bithead
  • 6593 Views
  • 2 replies
  • 0 Likes

Resolved! Gets "import -> network -> logical-router unexpected here" when push to device

Hi, I did a factory reset and upgraded my PA-220 to 9.1.12-h3. Installed device certificate and licenses. No interface, no policys, just a clean firewall. Connected successfully it to my Panorama 10.1.3-h31 and successfully made an import. When doing an export I get: Validation Error:import -> network -> logical-router unexpected hereimp...

Panorama Template Address Object Caveat

When trying to migrate a HA pair of PA 3250's into Panorama 10.1, address objects used for BGP Remote Peers aren't supported. Objects were imported to Panorama Shared location using Device import process. Address Objects either in a specific Device Group or the Shared location are not listed when trying to configure a BGP Peer. Images included ...

Address Objects.JPG
BGP.JPG
benlewis by L2 Linker
  • 1630 Views
  • 0 replies
  • 0 Likes
  • 853 Posts
  • 47 Subscriptions
Top Liked Authors
View All
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks