Requirements for virtual Panorama to have 2,500 managed devices
23116
Created On 03/01/19 01:55 AM - Last Modified 09/01/23 09:21 AM
Symptom
- With the new enhancement in PAN-OS 9.0, M-600 Panorama platform can manage up to 5,000 devices.
- This article is specifically for the Virtual (VM) Panorama platform which can manage up to 2,500 devices in Management-only mode.
Environment
- Virtual Panorama (VM)
- PAN-OS 9.0.12 and above. Please see PAN-149915
Cause
Without meeting the proper requirements, the following error can be seen:
admin@Panorama> configure Entering configuration mode [edit] admin@Panorama# set mgt-config devices 00500000123 Server error : 00500000123 is invalid. Maximum number of managed devices reachedNote: This error can also be seen if the proper Device Management license has not been applied.
Resolution
Steps to settings up the VM Panorama appliance to manage up to 2,500 firewalls can be found here.
Chart from the Panorama Administrator's Guide Increased Device Management Capacity Requirements
| REQUIREMENT | PANORAMA VIRTUAL APPLIANCE |
| Model | All supported Panorama hypervisors. For more information, see Panorama Models. |
| Panorama Mode | Management Only |
| System Disk |
|
| Cores | 28 (with Hyper-Threaded) |
| Memory | 256 GB |
| Log Collection | Local log collection is not supported. See Deploy Panorama with Dedicated Log Collectors to set up log collection. |
| Logging and Reporting |
Enable the "Use Panorama Data for Pre-Defined Reports" settings (Panorama > Setup > Management > Logging and Reporting Settings > Log Export and Reporting) |
Key requirements to check:
- Model, software version, system-mode, number of CPUs, ram in GBs, and licensed-device-capacity
admin@Panorama> show system info ... model: Panorama serial: 0007HQTACLAB0001 cloud-mode: non-cloud vm-uuid: 42015F42-B1A3-9E29-B34F-5F24BAE72EB4 vm-cpuid: ESX:D2060200FFFBAB1F vm-mode: VMWare ESXi sw-version: 9.0.0 ... system-mode: management-only num-cpus: 56 ram-in-gb: 256 panlogs-partition-in-gb: 31 licensed-device-capacity: 1000
- System disk size
admin@Panorama> show system disk-partition
Disk /dev/sda: 87.0 GB, 86973087744 bytes, 169869312 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk label type: dos
Disk identifier: 0x0000993c
- Device Management License is installed and specified up to 1000 devices
admin@Panorama> request license info Current GMT Date: February 28, 2019 License entry: Feature: Device Management License Description: VM Panorama license to manage up to 1K devices Serial: 0007HQTACLAB0001 Issued: May 23, 2018 Expires: Never Expired?: no
PANW sales representative will be able to assist in obtaining the correct Panorama device management license
License SKU: PAN-PRA-1000
Note: Although the description states 1,000 devices can be managed, the virtual appliance can still manage up to 2,500 devices.
This is as of 9.0.0 base release.