This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Panorama Discussions
Post discussions about Panorama, a centralized network security management solution for all your Palo Alto Networks firewalls irrespective of their form factors or locations, in this forum.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Panorama Discussions
Post discussions about Panorama, a centralized network security management solution for all your Palo Alto Networks firewalls irrespective of their form factors or locations, in this forum.
About Panorama Discussions
Post discussions about Panorama, a centralized network security management solution for all your Palo Alto Networks firewalls irrespective of their form factors or locations, in this forum.

Discussions

Start a conversation

Welcome to the Panorama Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4842 Views
  • 0 replies
  • 0 Likes

Resolved! How to upgrade software in firewalls when firewalls are managed by panorama

1.if firewalls are managed by panorama, Should we need to upgrade only from Panorama or can also upgrade from firewall as well ?2. if firewalls are managed by panorama, how to backup config for the specific firewall ? should we need to take config backup only from panorama or can also take backup from firewall as well ? 3.if firewalls are manage...

perumalj by L2 Linker
  • 4687 Views
  • 1 replies
  • 0 Likes

Custom Admin Template Examples for GP Admin and Network Engineer?

So recently we (as in voluntold lol) decided to get rid of our dedicated Cisco L3 devices and move the L1 (VMWire) only FW's into L3 as a "cost saving measure". Won't get into how much I hate this but the decision has been made. Also this entire thing is managed via Panorama so don't need "do local FW overrides of templates". Also virtual syst...

PeterT by L2 Linker
  • 2569 Views
  • 1 replies
  • 0 Likes

Cant push config due to error

Getting error when trying to push configs from Pan - checked policy and it looks fine was not a problem previously? Details:. Validation Error:. rulebase -> security -> rules -> Deny_Inbound_Internet_Bad_IPsBOTNET -> source-hip unexpected here. rulebase -> security -> rules is invalid. Commit failed

After changing exiting object name at panorama, got commit failed message

• . Validation Error:. rulebase -> security -> rules -> <our rule name A>-> source ‘<want to amend object name> is not an allowed keyword. rulebase -> security -> rules -> <our rule name A>-> source ‘<want to amend object name> is an invalid ipv4/v6 address. rulebase -> security -> rules -&gt...

Multiple Virtual Routers in a single system - Issues with Failover in an Active/Standby setup

Hello, We have a pair of PA5050 appliances that operate dual virtual-routers in order to provide dual ISP connectivity using eBGP between them. We also have some site to site and AWS VPNs terminating on VR1 and GlobalProtect VPNS terminating in VR2. The issue we have seen is that when upgrading the PAN-OS, the appliances fail over as do se...

Configuring shared interfaces, VLAN interface and virtual switch On Vsys

I am looking for information on following configuration. Reference document, link or video will be a great help. - How to set up a shared interface for multiple V-sys? - How to set up VLAN interface (L2/L3) on specific V-sys? - Do we have a virtual switch concept in v-sys configurations so that resources (servers) in the v-sys zones can commun...

Harsh by L0 Member
  • 2114 Views
  • 0 replies
  • 0 Likes

Resolved! Issue with Panorama import

While doing policies import to newly added FW , mistakenly i didn't uncheck the box as shown below in the snapshot ( "Import device's shared object into Panorama shared context ...." , consequently Panorama imported FW template in already created Device groups which is undesired - I see no option to remove these unwanted template from other devi...

farmangee_0-1633973049223.png

Panarama migration M-100 to M-200

So I have been running my Panorama on an M-100 since I inherited it, now the M-100s are end of life and it is time to move on. So I bought an M-200, seemed reasonable at the time. Now trying to migrate, after working with TAC for a couple of weeks, they tell me you can't migrate M-100 to M-200? It is actually in the documentation. What The.....

jdemares by L1 Bithead
  • 5135 Views
  • 1 replies
  • 0 Likes

Logging service license not assigned from Panorama to FW

There's deployment with Panorama and currently one HA PA pair managed by it. Panorama sitting at 9.1.5, firewalls at 9.1.4.Cortex Data Lake license is assigned to Panorama and seen in the Panorama -> Licenses section. In order for the firewalls to send the logs to Data Lake, I followed this guide: https://docs.paloaltonetworks.com/cortex/cort...

nikoo by L3 Networker
  • 9945 Views
  • 5 replies
  • 0 Likes

changing a gateway's management IP?

If i have a gateway managed via Panorama, what would be the steps needed if that gateway's management IP needs to change? The actual change of IP is straight forward. But then what about the changes needed between Panorama and that gateway?

Resolved! Is Panorama running on 10.1 the only version able to generate a stats dump file for managed firewalls

Is Panorama running on 10.1 is the only version able to generate a stats dump file for managed firewalls? Seems crazy to me but that's what I've been told, how are large customers pulling Stats Dump Files across 100+ firewalls? I'm sure it can be scripted but I wanted to confirm no GUI option before 10.1. Thanks

Resolved! Panorama (eth1/1) to firewall (Loop0 or vlan interface) configuration push

Panorama (eth1/1) to firewall (Loop0 or vlan interface) configuration push Hey guys Not sure if it's a valid solution but I need your advise. Panorama - M500 FW - PA3220 Scenario 1: Panorama (MGT Interface) <---------- (MGT Subnet) ----------> (MGT Interface) Firewall can push the config from Panorama to FW everyth...

Resolved! Panorama different Dynamic Update Sections

Trying to figure out what Panorama > Dynamic Updates are used for, the Device Deployment updates make sense but not sure what Panorama > Dynamic Updates is actually doing if anything.. Panorama > Device Deployment > Dynamic Updates vs Panorama > Dynamic Updates Thanks

Okta SAML with Panorama - No Self-Signed Cert allowed now

I have a question about the Common Name used on the cert for Panorama SAML login with Okta. Palo is not allowing self-signed cert for SAML anymore and requires the cert to be signed by a 3rd part CA. I need help understanding what Common Name to use in the CSR, CA vendors require an external FQDN be used but this is for Panorama Admins and is no...

  • 845 Posts
  • 47 Subscriptions
Top Solution Authors
View All
Top Liked Posts
View All
Top Liked Authors
View All
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks