Azure Cloud NGFWs not connecting back to Panorama correctly to show up in the device summary. Traffic logs do not show any traffic from firewalls

Azure Cloud NGFWs not connecting back to Panorama correctly to show up in the device summary. Traffic logs do not show any traffic from firewalls

2536
Created On 09/13/23 20:08 PM - Last Modified 09/13/23 21:22 PM


Symptom


When we go to Manage Devices > Summary we do not see the cloud NGFWs in the device summary in Panorama GUI
Traffic logs show in log monitor in Azure for the cloud NGFWs but do not show in Panorama traffic logs
 

Environment


Cloud NGFW in Azure 
Panorama PANOS 10.2.4-hx or later and 11.0.1-h1 or later 
Azure plugin 5.0.0 and above

 

Cause


Issue is with routing on Azure due to which the firewall does not show up under managed devices in Panorama GUI
No log forwarding enabled in security policy in Panorama

Resolution


- Went to Routing Intent and Routing policies in Azure and updated the next hop. After the update cloud NGFWs were visible under Managed Devices in Panorama. 
- Enabled log forwarding with the required log forwarding profile on security policy to have the logs showing up under Traffic logs in Panorama GUI

Additional Information


Make sure that the Panorama and cloud NGFWs are meeting the pre-requisites: https://docs.paloaltonetworks.com/cloud-ngfw/azure/cloud-ngfw-for-azure/panorama-policy-management/cngfw-panorama-integration-azure-prerequisites

All the fields in Cloud Device Group should be completed: https://docs.paloaltonetworks.com/cloud-ngfw/azure/cloud-ngfw-for-azure/panorama-policy-management/link-cngfw-to-panorama
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000XgUqCAK&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail