Ports Used for Panorama
Panorama uses the following ports.
Used for communication from a client system to the Panorama web interface.
Used for communication between Panorama and the Logging Service and the GlobalProtect cloud service.
Used for communication between Panorama and managed firewalls or managed collectors, as well as for communication among managed collectors in a Collector Group:
Used for managed devices (firewalls and Log Collectors) to retrieve software and content updates from Panorama.
Only devices that run PAN-OS 8.x and later releases retrieve updates from Panorama over this port. For devices running earlier releases, Panorama pushes the update packages over port 3978.
28769 (5.1 and later)
28260 (5.0 and later)
49160 (5.0 and earlier)
Used for the HA connectivity and synchronization between Panorama HA peers using clear text communication. Communication can be initiated by either peer.
Used for the HA connectivity and synchronization between Panorama HA peers using encrypted communication (SSH over TCP). Communication can be initiated by either peer.
28270 (6.0 and later)
49190 (5.1 and earlier)
Used for communication among Log Collectors in a Collector Group for log distribution.
Used by the Panorama virtual appliance to write logs to the NFS datastore.
Port that Panorama uses to provide contextual information about a threat or to seamlessly shift your threat investigation to the Threat Vault and AutoFocus.
23000 to 23999
TCP, UDP, or SSL
Used for Syslog communication between Panorama and the Traps ESM components.
Verify Panorama Port Usage
Verify Panorama Port Usage To ensure that Panorama can communicate with managed firewalls, Log Collectors, and WildFire appliances and appliance clusters, and its high availability ...
Ports Used for Management Functions
Ports Used for Management Functions The firewall and Panorama use the following ports for management functions. Destination Port Protocol Description 22 TCP Used for communication ...
Communication Settings Panorama > Managed Collectors > Communication To configure custom certificate-based authentication between Log Collectors and Panorama, firewalls, and other Log Collectors, configure the ...
Ingest Traps ESM Logs on Panorama
Ingest Traps ESM Logs on Panorama Visibility is a critical first step in preventing and reducing the impact of an attack. To help you meet ...
Set Up the M-Series Appliance as a Log Collector
Set Up the M-Series Appliance as a Log Collector If you want a dedicated appliance for log collection, configure an M-100, M-200, M-500, M-600 appliance ...
Set Up The Panorama Virtual Appliance as a Log Collector
How to set up a Panorama virtual appliance on AWS, AWS GovCloud, Microsoft Azure, KVM, Hyper-V, or ESXi as a Dedicated Log Collector. ...
Panorama > Log Ingestion Profile
Panorama > Log Ingestion Profile Use the log ingestion profile to enable Panorama to receive logs from external sources. In PAN-OS 8.0.0, Panorama (in Panorama ...
Deploy Panorama with Dedicated Log Collectors
Deploy Panorama with Dedicated Log Collectors The following figures illustrate Panorama in a distributed log collection deployment. In these examples, the Panorama management server comprises ...
Configure Panorama for Network Segmentation
Configure Panorama for Network Segmentation To offload Panorama services from the MGT interface to other interfaces, start by configuring the interfaces on the Panorama management ...