Panorama is unable to deploy master key to Cloud VM firewalls hosted on AWS

Panorama is unable to deploy master key to Cloud VM firewalls hosted on AWS

827
Created On 01/30/23 22:41 PM - Last Modified 06/26/24 20:27 PM


Symptom


Under Panorama > Managed Devices > Summary > Deploy master key section of the Panorama, none of the AWS VM series managed firewalls show up in the list:
Device list for deploying master key
 

Environment


  • VM Panoama with Managed Firewalls
  • PAN-OS 10.1 or higher
  • AWS Platform

Cause


Software Issue.

Resolution


  1. The issue has been addressed under PAN-210397  in PAN-OS 10.1.10 and 10.2.5 release.
  2. Upgrade of the firewalls will resolve the issue.

Workaround:
  1. Deploy the master key to firewalls by executing following CLI command on Panorama.
request batch deploy-master-key type devices list <list of firewall serial numbers separated by,> lifetime <new lifetime of master key> new-master-key <your new key>
OR
  1. Configure the master key manually using the local firewall access. Refer How to configure master key on firewall.

Additional Information


The issue is targeted to be fixed in newer releases on PanOS 10.1, 10.2 and higher. Please refer to new software release notes and search for PAN-210397 in order to verify if the fix has been included in particular PanOS release.
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000kGgQCAU&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail