Information about security rule is not showing in Panorama for high availability passive firewall

Information about security rule is not showing in Panorama for high availability passive firewall

222
Created On 02/15/23 09:00 AM - Last Modified 11/05/25 22:16 PM


Question


Why security rule information such as last received update, created and modified date is not showing in Panorama for passive firewall?

image.png

Environment


  • Panorama
  • PANOS >=10.1.7
  • Pair of PA firewalls in high availability active passive

Answer


  • When you create a new security rule and push to HA cluster it will show up in both nodes by design.
  • However, when it comes to fields 'last received update', 'created' and 'modified' these are populated in Panorama  only for currently active firewall, and this is by design.
  • Go to Policies > Pre/Post Rules > click on the value in Rule usage column - data visible only for active node Lab40...
image.png
  • If you wish above fields to be populated on passive device and seen in Panorama, you would need to failover to passive node. After 5 minutes data will be populated in Panorama.

image.png
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000kGxRCAU&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail