This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Panorama Discussions
Post discussions about Panorama, a centralized network security management solution for all your Palo Alto Networks firewalls irrespective of their form factors or locations, in this forum.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Panorama Discussions
Post discussions about Panorama, a centralized network security management solution for all your Palo Alto Networks firewalls irrespective of their form factors or locations, in this forum.
About Panorama Discussions
Post discussions about Panorama, a centralized network security management solution for all your Palo Alto Networks firewalls irrespective of their form factors or locations, in this forum.

Discussions

Start a conversation

Welcome to the Panorama Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4905 Views
  • 0 replies
  • 0 Likes

Resolved! Correct process for adding new firewalls to panorama and then migrating

I am migrating 820's to 3410s. What is the correct process for adding the two new palos in HA and pushing the new templates and adding them to a device group. Basic configuration is in place. I have cloned the template I wish to use amended the interface settings and added the 3410s to the new stack. When pushing the template I get the error...

MAllen_0-1754595694198.png
M.Allen by L1 Bithead
  • 5235 Views
  • 4 replies
  • 0 Likes

WildFire job stuck at 49% on Panorama M-200 Appliance

Panorama M-200 hung on an active job at 49%. At this writing, it is pushing an hour. Started the upgrade from 10.1.x to 11.1.6-h10. Upgrades through 10.2.0 and 11.1.0 seemed to have worked fine. There are a pair of M200s in HA. The other M200 finally finished the job after about 30 mins. Any ideas? What other details can I provide?

jadanet by L1 Bithead
  • 594 Views
  • 0 replies
  • 0 Likes

Resolved! Commit failure due to ha1-backup interface

I recently imported a new pair of ha firewalls into Panorama; however, when I push the template with the option force template value enabled, I receive the following error: ************************************************************************** High-availability ha1-backup interface ipaddr configured to match peer-ip-backup address ( module: ...

Panorama changes after static route added

We have added a static route to our Palo firewall through Panorama GUI and before committing the change when we compare the candidate config to running config it shows removal of some static route metrics for all static routes, even though we only added one new route. We have added routes in the past and this has not happened. We don't think thi...

Panorama SD-WAN Zone Mapping? No longer needed or no longer available?

I know this has been posted in the past, but I want to check if there are some new answers before reaching out to our SE. There is a "known issue" where the zone mapping tab was removed from Panorama. The current documentation still mentions the need to map the pre-defined zones to existing zones when adding the device to SD-WAN or via CSV. The ...

VRT-JH by L1 Bithead
  • 1155 Views
  • 1 replies
  • 0 Likes

Panorama REST API Discrepancy

Hi folks!I've got a pet project to automate the provisioning of our new site firewall templates via the Pano REST API. While doing some cursory looking, I noticed that there's no endpoint in the v11.1 API docs to interact with ethernet interfaces. I did some RTFM and noticed that previous API versions had the 'network/ethernetinterface' endpoint...

kyleb03 by L0 Member
  • 1024 Views
  • 0 replies
  • 0 Likes

Can I Decrypt OpenVPN

Hello, I want to decrypt traffic to my OpenVPN server so I can perform URL filtering and IPS checks on users connecting to it. I have the OpenVPN server's CA certificate and key. Do you have any idea ?

push from panorama to PA firewalal failed because of " is already in use because of policy and NAT already in use)

Hi,We have panorama in 9.1.9 version and PA-220 in same version. we imported configuration from pa to panorama, added just e pôlicy rule and pushed again the template and device group to same firewall. but then we get always pushh failed with errors saying NAT rules and policy rules are already in use ! is that normal ? we have exactly the same...

Elwess by L0 Member
  • 12812 Views
  • 3 replies
  • 0 Likes

Does Panorama Forward These Events to External SIEMs via Syslog by Default?

Hi everyone, We're currently integrating Palo Alto logs (via Panorama) into our SIEM solution (Wazuh) using syslog, and I wanted to confirm the log types that are forwarded by default or require additional configuration. Specifically, does Panorama forward the following events out-of-the-box via syslog? Malware/Spyware detections Command and...

VPN between palo alto and Meraki with dynamic WAN ip address

Hello Mams and Sirs... I am stuck in a unique issue. Meraki has 2 WANs - primary one is static and secondary one is dynamic. They have 4 Lan subnets. The initial plan was to use their FQDN as remote peer and they would take care of the VPN failover. But, in ikev2, we could reach only one of their 4 subnets. When I switched to ikev1, I could rea...

msdphi by L2 Linker
  • 577 Views
  • 0 replies
  • 0 Likes

Limitation on Panorama (license) used by VM-series

Hello experts, Not sure this should belong to Panorama or VM-series, We have a Panorama for log collection already for on-perm ngfw.Planning to purchase more ngfw firewall for AWS and Azure with BYOL (NGFW credits) 1) is there any limitation (e.g max number of Gateway managed) if we also purchase the credits for panorama (for mgt and logs) ? ...

Admin GUI Login Fails on WAN Interface - Slow Load & "Single Sign-On" Error on PA-410

Hello Community, I'm hoping to get some expert advice on an issue I'm facing with a single PA-410 firewall. I've done some initial troubleshooting, but would appreciate a second opinion on the cause and the best path forward. The Problem When I enable management access on our public WAN interface (ethernet 1/1), I cannot log in to the Admin We...

bvantala by L0 Member
  • 1507 Views
  • 0 replies
  • 0 Likes

Firewall rules not getting reflected in Cloud NGFW

Hi, We have a on-prem Panorama which manages Cloud NGFWs. We have observed intermittently that the Firewall rules deployed from Panorama are not getting reflected in Cloud NGFWs. There are no visible errors that are generated with Panorama showing the deployment as "Completed". Is there any reason for which it could be happening ?

Panorama can't show specific timeframe log

Hi community, I have a question. I’m experiencing an issue where Panorama does not show logs for a specific time frame. However, when I check directly on the firewall, the logs for that time frame are visible. I've already confirmed that the log forwarding configuration is correct, and everything seems to be working fine—except when filtering ...

panos_commit_panorama commits all pending changes regardless of user specified in admins list.

Ansible playbook snippet: ------------------------------------------------------------ collections: paloaltonetworks.panos vars:panorama_provider:ip_address: {{ panorama_fqdn }}username: {{ username }}password: {{ password }}tasks: name: Commit Configpanos_commit_panorama:provider: {% raw %}"{{ panorama_provider }}"{% endraw %}sync: trueadmins:...

  • 853 Posts
  • 47 Subscriptions
Top Liked Authors
View All
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks