This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
For details on cookie usage on our site, read our Privacy Policy
About Nonno1
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- LIVEcommunity
- About Nonno1
03-25-2016
3Posts
1Like
0Solutions
Mar 25, 2016Last Visited
User
Activity
User
Profile
Latest posts by Nonno1
| Subject | Views | Posted |
|---|---|---|
| 1623 | 03-06-2014 05:33 AM | |
| 1690 | 03-05-2014 08:32 AM | |
| 1087 | 03-05-2014 07:32 AM |
My Liked Posts
| Subject | Likes | Posted |
|---|---|---|
| 1 Like | 03-06-2014 05:33 AM |
User Badges
Community Statistics
| Member Since | 01-13-2014 04:30 AM |
| Date Last Visited | 03-25-2016 06:32 AM |
| Posts | 3 |
| Total Likes Received | 1 |
03-06-2014
05:33 AM
1 Kudo
I will give this a try. Our SE answered my question this morning also. The only addition he made was to Disable Config Sync in the FWs before pushing configuration from Panorama. Thank You
... View more
03-05-2014
08:32 AM
I followed the instructions from “Panorama-Device-Migration-Tech_Note-revB.pdf” using the CLI method to capture the configuration of an HA Pair of 5060 running PAN OS 5.0.11 and paste it to the Panorama running PAN OS 6.0. The Migration Checklist states during the cutover process to cutover 1 firewall first. The document states after deleting the Rules, objects etc. on the FW, when committing the configuration to the HA pair, follow the documented HA procedure to minimize network impact. What are they referring to when they say “follow the documented HA procedure? I cannot find anything referencing what they mean. I figure I should leave the passive FW alone and do the Active one first because when doing a commit on the Active FW it usually pushes the configuration to the Passive FW. But, What impact does the Device Group have when you set the FWs up as an HA pair in the Device Group? Also, when deleting the items from the Active FW, should I also delete them from the Passive FW? Another approach that I have read is to rename the objects, policies etc. on the Panorama then commit it to the FWs. What does that do to the existing configuration on the FW? Is there now a duplicate configuration with a different set of names? Or does it overwrite the existing configuration? Lots of questions and scenarios that I cannot find answers to anywhere.
... View more
- Tags:
- panorama
Labels:
- Labels:
-
Configuration
-
Panorama
03-05-2014
07:32 AM
I followed the instructions from “Panorama-Device-Migration-Tech_Note-revB.pdf” using the CLI method to capture the configuration of an HA Pair of 5060 running PAN OS 5.0.11 and paste it to the Panorama running PAN OS 6.0. The Migration Checklist states during the cutover process to cutover 1 firewall first. The document states after deleting the Rules, objects etc. on the FW, when committing the configuration to the HA pair, follow the documented HA procedure to minimize network impact. What are they referring to when they say “follow the documented HA procedure? I cannot find anything referencing what they mean. I figure I should leave the passive FW alone and do the Active one first because when doing a commit on the Active FW it usually pushes the configuration to the Passive FW. But, What impact does the Device Group have when you set the FWs up as an HA pair in the Device Group? Also, when deleting the items from the Active FW, should I also delete them from the Passive FW? Another approach that I have read is to rename the objects, policies etc. on the Panorama then commit it to the FWs. What does that do to the existing configuration on the FW? Is there now a duplicate configuration with a different set of names? Or does it overwrite the existing configuration? Lots of questions and scenarios that I cannot find answers to anywhere.
... View more
LEGAL NOTICES
Copyright 2007 - 2023 - Palo Alto Networks