Migrating Configuration from Panorama/PA-3220 (PAN-OS 9.1.6) to New Panorama/PA-1410 (PAN-OS 11.1.2-h3)

Hi all,

I'm planning to replace my existing Panorama VM and PA-3220 firewall (both running PAN-OS 9.1.6) with a new Panorama VM and PA-1410 (running PAN-OS 11.1.2-h3). My goal is to migrate the existing configuration to the new setup, primarily focusing on the PA-1410, and eventually decommission the PA-3220 without connecting it to the new Panorama VM.

My main concerns are:

1. What's the best way to adapt the PA-3220's configuration for the PA-1410, considering they have different PAN-OS versions and potentially different hardware capabilities?
2. Are there any specific guidelines or tools to help with the manual integration of the PA-3220's configuration into the new Panorama?
3. What are some common pitfalls or challenges I might encounter during this migration process, and how can I mitigate them?

Any advice or insights would be greatly appreciated!