Panorama Interconnect Administrator’s Guide
    : Import Multiple Firewalls to a Panorama Node
    Focus
    Download PDF
    Focus
    1. Home
    2. Panorama
    3. Panorama Interconnect Administrator’s Guide
    4. Manage Firewalls with Panorama Interconnect
    5. Import Multiple Firewalls to a Panorama Node
    Download PDF

    Panorama Interconnect Administrator’s Guide

    Import Multiple Firewalls to a Panorama Node

    Table of Contents

    Import Multiple Firewalls to a Panorama Node

    Bulk import firewall to be managed by a Panorama™ Node on Panorama Interconnect.
    You can import multiple firewall to be managed by a Panorama™ Node using a CSV template provided to you during the import procedure. Importing multiple firewalls at once allows you to quickly add multiple firewalls to Panorama Nodes, and assign them to a template stack and device group to centralize its configuration management.
    When importing multiple firewalls, you can add firewalls to different Panorama Nodes, and different template stacks and device groups. For example, you have deployed Panorama Node A and Panorama Node B, each with two template stacks and two device groups. If you are importing 100 firewalls, they can be imported in the following way:
    • Add 50 firewalls to Panorama Node A:
      • Assign 25 firewalls to template stack A1 and device group A1.
      • Assign 25 firewalls to template stack A2 and device group A2.
    • Add 50 firewalls to Panorama Node B:
      • Assign 30 firewalls to template stack B1 and device group B1.
      • Assign 20 firewalls to template stack B2 and device group B2.
    To add a single firewall, see Add a Firewall to a Panorama Node.
    If your Panorama and managed firewalls are running PAN-OS 10.1 or later release, you must also create and add the device registration authentication key. See the Administrator’s Guide for the Panorama Interconnect plugin version 1.1 for more information.
    1. Configure the firewall to communicate with the Panorama Node.
      Repeat this step for all firewalls to be managed by a Panorama using the Interconnect plugin.
      1. Perform initial configuration on the firewall so that it is accessible and can communicate with Panorama over the network.
      2. Add the Panorama Node IP address to the firewall.
        1. Select
          Device
          Setup
          Management
           and edit the Panorama Settings.
        2. Enter the Panorama IP address in the first field.
        3. (
          Optional
          ) If you have set up a High Availability pair in Panorama, enter the IP address of the secondary Panorama in the second field.
        4. Click
          OK
          .
      3. Select
        Commit
         and
        Commit
         your changes.
    2. Log in to the Panorama web interface of the Panorama Controller.
    3. Click
      Commit
       and
      Commit to Panorama
      any pending configurations changes to the Panorama Controller. Importing multiple firewalls requires that there be no pending changes to the Panorama Controller, or the import fails.
    4. Select
      Panorama
      Interconnect
      Devices
       and
      Import
       the firewalls.
    5. Click
      Download Sample CSV
       to download a template of the CSV file with the correct format to upload multiple firewalls.
    6. Fill out the downloaded CSV. Enter the appropriate values in the
      serial
      ,
      panorama
      ,
      device-group
      , and
      template-stack
       fields. The Panorama Node, device group, and template stack must already be added and created on the Panorama Controller before importing the firewalls and are required to successfully add the firewall. Once you have finished entering the firewall information,
      Save
       the file.
      You also have the ability to assign the firewalls to content schedules. These are not required for the firewall import.
      Changing the CSV column order is not supported. The firewall import fails if the column order re-ordered.
    7. Back in the Panorama web interface,
      Select File
       to browse and select the CSV file containing the firewall information.
      A firewall with required information missing in the bulk import causes the entire import to fail. You are prompted with an error message indicating the location of issues in the import file if an error is encountered.
    8. Append
       the new devices to add them to the end of the list of
      Devices
      . All imported devices must be new devices. The import fails if any of the devices being imported are part of the running configuration on the Panorama Controller.
      De-select the
      Append
       box if you want to delete existing devices in the list and just add the new devices that you are adding now.
    9. Click
      OK
       to add the firewalls as managed devices.
    10. Click
      Commit
       and
      Commit to Panorama
       to finish adding the firewalls.
    11. Select
      Panorama
      Interconnect
      Panorama Nodes
       and
      Synchronize Config
      .
    12. Verify that the newly imported firewalls are
      Connected
      .
      1. Select
        Panorama
        Interconnect
        Devices
        .
      2. Find the firewalls you imported, and verify that the Connection Status column displays
        Connected
        .

    Recommended For You

    © 2024 Palo Alto Networks, Inc. All rights reserved.