Migrating Configuration from Panorama/PA-3220 (PAN-OS 9.1.6) to New Panorama/PA-1410 (PAN-OS 11.1.2-h3)

Hi all,

I'm planning to replace my existing Panorama VM and PA-3220 firewall (both running PAN-OS 9.1.6) with a new Panorama VM and PA-1410 (running PAN-OS 11.1.2-h3). My goal is to migrate the existing configuration to the new setup, primarily foc

Panorama HA1 connection daily flips because of buffer space

Hello,

I have a case with TAC regarding this issue for 4 months now so I figured I would try my luck here.

My issue is a HA split-brain problem between Panorama Active and Passive appliances in 2 different physical locations.

The issue is that

Firewall not connecting to Panorama

Hello I have new deployed Panorama and new PA-440 Firewall.

I setup Panorama with all basic settings like IP address/netmask, default GW, DNS, it has license assigned.

Next I generated AuthKey for the firewalls with validity for 10 days and without S

How does Ansible panos_security_rule module work with device_group parameter?

I am trying to gather all the security rules for the specific device_group.

Here is my playbook/YAML file:

Getting system alert-high for Wildfire update failure, failed to extract file

This is occurring on our Panorama.  Content of email alert is:

Type: SYSTEM
Subtype: general
Time: Apr 07 2022 00:12:55 GMT
Severity: high
Details: "Failed to extract file panupv3-all-wildfire-652605-655839.tgz with sha256: 647eedc7698709983f5e9d99dc0428

High Disk Space Usage on / root partition of Panorama

Hi All,

We are experiencing high disk space usage on the root partition of Panorama.

Critical alerts on Panorama is showing "Disk Usage for / exceeds limit, 100 percent in use, cleaning filesystem".

Output of "show system files" is as follows: 

Adding Firewall to Strata Cloud Manager

Hello all, I have a question about Strata Cloud Manager. Does a local firewall configuration import to Strata Cloud Manager when you onboard the firewall? Or is there a way to upload the xml file to the firewall after its managed by Strata Cloud Mana

Forwarding system logs to log collector

Hello,

Currently we have firewall sending Threat and TRAFFIC log types with CEF format to Sentinel workspace through Linux log collector with omsagent.

We need to send the System log types as well from the firewall to the log collector and then in

Panorama PUSH scope shows stale object - 10.2.5-h1

Hi Team

We see an issue with Push Scope on Panorama running Pano-OS version 10.2.5-h1. We see 2 objects still under Push Scope when we have already completed the Push.

These are two objects which are present no matter what changes you in do in Secur

Panorama and PANOS RADIUS Authentication Failing after upgrade to 10.2

Hello, 

Thought I would pass on this solution I found.  After upgrading our Panorama from 10.1 to 10.2, our RADIUS authentication no longer worked.  The root cause was our Microsoft RADIUS server was using TLS 1.0 for the PEAP-MSCHAP TLS handshake an

How can I provde M-200 System drive is normal

Dear Community,

The customer has an SSD LED that is blue and flashing. And the document only provides HHD status was bule and have not any information about SSD.

Cause I cannot find any documents to provide M-200 System device (SSD) is in normal

SAML for external admin, local admin for internal admin

Hi, been racking my brain trying to figure this one out.

Essentially, to comply with regional guidelines for our client, we are enforcing MFA for all administrative accounts on the Palo Altos, which are internet facing. 

I have implemented SAML authe

Connection between pxGrid and Panorama failed

Hi,
I am currently trying to integrate Cisco pxGrid into PAN Panorama. I am using the Trustsec Plugin 2.0.0 & PAN-OS 11.1.2-h3. I have successfully created an account in the ISE and verified it. But when I create the pxGrid Server in Panorama I see th

Cannot create auth keys

Trying to generate an auth key to setup some dedicated log collectors.

Tried in the GUI and CLI. In both instances I get the error, "Failed to add authkey. Failed to update DB."

Runing 11.0.2-h2. Any suggestions?