This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Panorama Discussions
Post discussions about Panorama, a centralized network security management solution for all your Palo Alto Networks firewalls irrespective of their form factors or locations, in this forum.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Panorama Discussions
Post discussions about Panorama, a centralized network security management solution for all your Palo Alto Networks firewalls irrespective of their form factors or locations, in this forum.
About Panorama Discussions
Post discussions about Panorama, a centralized network security management solution for all your Palo Alto Networks firewalls irrespective of their form factors or locations, in this forum.

Discussions

Start a conversation

Welcome to the Panorama Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4841 Views
  • 0 replies
  • 0 Likes

Panorama collector statistic

Anyone tell me what the day mean in Managed collector > statistics > oldest log ? I just checked the day and I found something is weird. 1) when I checked it less than 7 days , it almost matched with current local times 2) And oldest log day is increased a day per day , but i can't see traffic log over 8 days from current local time.

JeffKim_0-1643386696390.png
JeffKim by L2 Linker
  • 2209 Views
  • 1 replies
  • 0 Likes

Has anyone used Panorama to import a configuration from HA 5060s to use on new generation 5450s?

Goal is to replicate the current configuration from production 5060 firewalls to replacement 5450s firewalls. The intent is to use Panorama to bridge the OS difference between the 5060s (highest os 8.1.x) and 5450s (start with 10.1.x). The 5060s are HA and on panorama for object sharing but the policies (security, nat, pbf) are localized. Bot...

Resolved! Can't commit from Panorama due to mis-match Vsys number between Pan and local box

wanted to know if anyone has ever experienced this issue. recently configured a new Vsys "Vsys6" which was successfully added to the correct Template_stack and device groups. everything worked fine for 2-3 weeks, however last night after adding 2 Sec.policies to the new Vsys. the commit failed. FYI for security i've edited the zone names and pol...

Resolved! Exact Log4J version on Panorama 9.0.15

Hello everyone, I just upgraded our Panorama servers to 9.0.15, but our SOC team is asking to know the exact log4j version included in this hotfix release, because they want all appliances to be upgraded to log4j 2.16. According to this page (https://docs.paloaltonetworks.com/oss-listings/panorama-oss-listings/panorama-9-0-open-source-softwa...

grenzi by L3 Networker
  • 2931 Views
  • 1 replies
  • 0 Likes

Resolved! want to add third log collector in Panorama HA

We have two panorama (M200) in HA with single collector group , local log collector of both panorama we have added in same collector group and enabled redundancy.Due to low disk-space we want to add one more log collector. So there will be three log-collector in same LC group. Can I add third LC ,( if Panorama in HA and already added LC's are pa...

Deepak25 by L3 Networker
  • 5187 Views
  • 7 replies
  • 0 Likes

Resolved! Restore Panorama after hardware failure

How do I restore Panorama configuration? I do a "Scheduled Config Export" every night. Old Panorama VM had to be rebuilt from scratch. No access to old VM. I have rebuilt the VM from OVA. When I try to "Import name Panorama configuration snapshot" per restore documents I get an error that the file is not an .xml. What is the procedure to use...

Joel_W by L1 Bithead
  • 6880 Views
  • 3 replies
  • 0 Likes

Tagging all ENIs in AWS with Panorama plugin

The AWS plugin grabs tags of ENIs for EC2 and ALB. It does not get tags for ELB Classic, or ECS or any other ENIs as far as I can tell. I want to be able to control traffic with tags on ENI's attached to things other than ALB/EC2 (e.g. ECS container ENIs, AWS-offered services, etc). Has anyone found a way to get these tags and put them into p...

what is the difference between "commit to panorama" and "save changes"?

I do see commit and config options in Panorama. I am aware that commit option is used to push configuration to Panorama and then to Managed firewalls. I would like to know when to use "save changes" and what is it for under config options.if possible , Please also explain about Lock option. Lock option is used to lock commit when multiple users ...

perumalj by L2 Linker
  • 3845 Views
  • 1 replies
  • 0 Likes

HIP-PROFILES IS A DUPLICATE NODE ERROR

Hello , I got a strange situation on my Panorama 10.0.7 software version . When i'm trying to push security policies from it to managed firewall from a lower OS version like 8.1.x i'm receiving this " hip-profiles is a duplicate node " error . As i understood after some researches is that Panorama is using this HIP-Profile feature , and the ...

Nicu21 by L1 Bithead
  • 2671 Views
  • 1 replies
  • 0 Likes

Is there a way to see all raw data collected by GlobalProtect APP ?

Hi, I see in the below document, that you need to create HIP Object/Profile to view the raw host data collected by the GlobalProtect APP. My question is there a way to skip this step and see all raw host data collected by GlobalProtect APP without defining the HIP object/profile ? https://docs.paloaltonetworks.com/globalprotect/9-1/globalprote...

saswins by L1 Bithead
  • 2232 Views
  • 1 replies
  • 0 Likes

Panorama template limitations

Hi Folks, We had recently migrated HA Firewall pair to Panorama. We had observed that after migration the HA Settings (HA peer IP address, device ID, etc), Management IP address are over-ridden locally on the firewall. I had gone through an documentation stating the limitation of templates. There it is mentioned as Configure the IP ...

So.... Crimea is gone?

Was trying to commit some shared objects and getting an interesting error: Validation Error: shared -> pre-rulebase -> security -> rules -> GeoBlocking_Outbound -> destination 'CE' is not an allowed keyword shared -> pre-rulebase -> security -> rules -> GeoBlocking_Outbound -> destination CE is an invalid ipv4/v6...

Lenz by L0 Member
  • 3232 Views
  • 1 replies
  • 2 Likes
  • 845 Posts
  • 47 Subscriptions
Top Solution Authors
View All
Top Liked Posts
View All
Top Liked Authors
View All
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks