Hi SecGuru thank you so much for your videos it helps me a lot in my everyday work. I have a question for you. The situation is like this. We have a Panorama with version 8.1.23 and this Panorama manages 2 HA firewalls but since 8.1 is already EOL i need to upgrade it to 9.x or 10.x The problem is the hardware does not support either 9.x or10.x and my company does not want to upgrade the hardware memory to be able to handle the new version. Now my only option is to remove the 2 HA firewalls from the Panorama and will make them as standalone. Meaning whenever i need to make changes or manages the firewalls i will do it directly on the firewalls and not on the Panorama. Then I can decomm my Panorama. Can you please help me to perform this task? Or maybe you can make a new video that i or all your subscribers can follow? Thank you very much in advance and keep it up!
@secguru61042 жыл бұрын
Thank you for your comment, may you share the hardware model of panorama? Just wanted to double check if we have any options.. also how many more firewalls are being managed through panorama now ?
@zacragoonath Жыл бұрын
Did you have to manually install the base 9.0 and 10.0 versions? It seems that you only installed the preferred release.
@Seansaighdeoir2 жыл бұрын
Thank you that is helpful and informative. What it doesn't reference is the application version content software that must be deployed with each version upgrade? I suspect you are running a version without the requirement for threat content upgrades - i.e no threat licence installed?
@mohansingh7762 жыл бұрын
Thank you so much for valuable information would expecting more videos :)
@prasanth020619852 жыл бұрын
Thanks for your efforts in posting this video
@secguru61042 жыл бұрын
Thanks for the immense comment! Please subscribe and refer to your friends
@warronfrench8163 Жыл бұрын
@SecGuru, great video. Sorry to ask this as I am usually performing Linux administration and not network device software updates, but can you tell me please; are the upgrade paths similar to Gitlab whereby you have to upgrade to the last minor release of your OS, before hopping over to the next major release? Thank you in advance.
@TheSuperscalar Жыл бұрын
@SecGuru, great video. I found the palo alto document "Determine the Upgrade Path" and it just only download base image 9.0.0 (not install) and then download and install the latest preferred (9.1.xx) . Can you confirm whether we need to install and reboot on the base image or not?
@aquadir28302 жыл бұрын
Waiting for more videos 👍👍
@secguru61042 жыл бұрын
Sure 😊
@kiranjunnur2 жыл бұрын
very useful learned a lot from the video
@secguru61042 жыл бұрын
Thank you
@MacroLife Жыл бұрын
Thanks for you, very useful
@amitb76112 жыл бұрын
According to Palo alto documentations both of the firewalls should have same PAN-OS versions, so when we upgrade and reboot the secondary it will have a different version than primary active. So my question is how does the both firewalls sync the connection tablee?
@secguru61042 жыл бұрын
That’s why we need to break the HA and do upgrades
@amitb76112 жыл бұрын
@@secguru6104 in that case thare won't be full connection sync happening and it won't be a Zero downtime upgrade. am i right?
@secguru61042 жыл бұрын
Once we break HA there won’t be sync between the devices and still with zero downtime we can do upgrade with second device, order goes like this After breaking Ha, Secondary first and primary next
@daddyg7680 Жыл бұрын
The maintenance ver and preferred ver is the same?
@nithyag48523 жыл бұрын
Hi this is very useful and you explained very well. I have configured palo alto using vm ware workstation and eve-ng. My Palo alto firewall has internet connection but I did not get any software updates. what could be the reason?
@secguru61043 жыл бұрын
Thank you, you need to check if DNS configured along with ACL required for Palo Alto updates communication. Check system logs as it will provide additional information for your traffic.
@ayyajmahajan78022 жыл бұрын
@@secguru6104 Hi at the starting of video 1.23 min you mentioned recommended step, the backup which you have taken.. When to use that backup? In which condition that backup is useful and how to use it?
@sridharbv67913 жыл бұрын
plz will do Packet Capture Filters via CLI using debug commands ?
@secguru61043 жыл бұрын
Sure, thanks for the feedback
@secguru61042 жыл бұрын
check this video kzbin.info/www/bejne/qaO0faNmoMh9qbs
@aquadir28302 жыл бұрын
Thank you so much..🙏🙏
@danhip2442 Жыл бұрын
Hello. how can i find out the maintance release?
@ChrisGapske2 жыл бұрын
Thank you .. I will say Palo Alto Update is poorly designed. It should not make you do so many updates to get where you need to be.
@secguru61042 жыл бұрын
I can understand but I hope you were able to achieve what you needed!