How to Configure Panorama/Log Collector Combination in HA

• Panorama
• PAN-OS 9.1 and above
• High-Availability 

For Updated Steps and more information please see Set Up HA on Panorama

Steps

On the primary Panorama (active):

1. On the primary Panorama (active), use the following CLI command to set the Panorama-server, which should be the IP address of the secondary panorama: admin1# set deviceconfig system panorama-server <ip address of secondary panorama>
2. Commit the change.
3. On the secondary panorama, use the following CLI command to set the Panorama-server, which should be the IP address of the primary panorama: admin1# set deviceconfig system panorama-server<ip address of primary panorama>.
4. Commit the change.

On the GUI of primary Panorama:

1. Add the two log collectors and add the disks to each log collector.
2. Select the log collector which is in the secondary Panorama.
3. In the general tab, put the primary Panorama IP address into the Panorama Server IP field and the secondary Panorama IP address into the Panorama Server IP 2 field.
4. In the management tab, put the secondary Panorama IP address/Netmask/Default address into the corresponding fields.
5. Create collector group(s), and add the log-collectors to the group(s).
6. Commit the changes to the Panorama and wait until the HA-sync is done.
7. Push the config to the collect-group(s).
8. In the High Availability setting, disable the primary Panorama so the secondary Panorama will become active.

On the GUI of the secondary Panorama:

1. Select the log collector in the primary Panorama.
2. In the general tab, put the secondary Panorama IP address into the Panorama Server IP field and the primary Panorama IP address into the Panorama Server IP 2 field.
3. In the management tab, put the primary Panorama IP address/Netmask/Default address into the corresponding field.
4. Commit the changes to the Panorama and wait until the HA-sync is done.
5. Push the configuration to the collect-group(s).
6. Restore the Panorama HA back to the desired state.