Situation:
1. You need to do hardware swap (POC unit to actual unit)
2. You don’t have Panorama, and you need to do hardware swap due to RMA
Steps:
1. Ensure components are in the same version
2. Export and Import config
3. Commit configuration
Ensure components are in the same version
1. Make sure all components (PAN-OS, PAN-DB, Threat Prevention, Wildfire, GlobalProtect) are in the same version, license too.
1. To do PAN-OS software update, navigate to Device→Software
2. To do components update, navigate to Device→Dynamic Updates
3. To do PAN-DB update, navigate to Device→Licenses→PAN-DB Url Filtering
Export and Import config
1. From the old unit, navigate to Device→Setup→Operations
2. Click “Save named configuration snapshot” and give it a name. Example: ABC123.xml
3. Click “Export named configuration snapshot” and select ABC123.xml.
4. From the new unit, navigate to Device→Setup→Operations
5. Click “Import named configuration snapshot” and select ABC123.xml (config file from old unit)
6. Once imported, click “Load named configuration snapshot” and select ABC123.xml
Commit configuration
1. When you click commit, the firewall will start applying the configuration, meaning there’s a possibility that the ip will be duplicated in the network.
2. Normally I only connect Management port in the new unit, and leave other interfaces unplugged.
3. Click commit, and immediately unplug Management interface in the old unit. You will no longer have access to the old unit. New unit will be taking over the Management ip.
Incoming search terms:
- palo alto firewall process of swapping out firewalls
- palo alto migration process
- palo alto saving configuration
- set import network interface palo
- palo alto config migrate and management port
- palo alto cone config to new firewall
- move management interface palo alto
- migrating config from on palo device to another
- migrate palo alto to new hardware high availability
- migrate palo alto config
- migrate firewall config palo alto
- how to migrate palo alto config
- guideline to migrate palo alto firewall
- exporting pan vm config to another hardware firewall
- export configuration palo alto