: Activate Licenses on VM-Series Firewalls on NSX When Panorama has No Internet Access
Focus
Focus

Activate Licenses on VM-Series Firewalls on NSX When Panorama has No Internet Access

Table of Contents

Activate Licenses on VM-Series Firewalls on NSX When Panorama has No Internet Access

Complete the following procedure to activate the VM-Series firewall for NSX when Panorama does not have access to the internet.
  1. Locate the CPU ID and UUID of the VM-Series firewall.
    1. From the vCenter server obtain the IP address of the firewall.
    2. Log into the web interface and select
      Dashboard
      .
    3. Get the
      CPU ID
      and the
      UUID
      for the firewall from the General Information widget.
  2. Activate the auth code and generate the license keys.
    1. Log in to the Palo Alto Networks Customer Support website with your account credentials. If you need a new account, see Create a Support Account.
    2. Select
      Products
      VM-Series Auth Codes
      , click
      Add VM-Series Auth Codes
      to enter the auth code.
    3. Select
      Register VM
      in the row that corresponds to the auth code that you just registered, enter the CPU ID and the UUID of the firewall and click
      Submit
      . The portal will generate a serial number for the firewall.
    4. Select
      Products
      Assets
      NGFWs
      and search for the serial number.
    5. Click the link the Actions column to download each key locally to your laptop. In addition to the subscription license key, you must get the capacity license and the support license keys.
  3. Upload the keys to the firewall.
    1. Log in to the firewall web interface.
    2. Select
      Device
      Licenses
      , and select
      Manually upload license key
      .
    3. Browse
      to select a key and click
      OK
      to install the license on the firewall.
      Install the capacity license key file (pa-vm.key) first. When you apply the capacity license key, the VM-Series firewall will reboot. On reboot, the firewall will have a serial number that you can use to register the firewall as a managed device on Panorama.
    4. Repeat the process to install each key on the firewall.
    5. Select
      Dashboard
      and verify that you can see the
      Serial #
      in the General Information widget.
  4. Add the serial number of the firewall on Panorama.
    Select
    Panorama
    Managed Devices
    and click
    Add
    to enter the serial number for the VM-Series firewall for NSX. The firewall should now be able to connect with Panorama so that it can obtain its configuration and policy rules.

Recommended For You