How to reset secure communication between firewall and Panorama

Created On 08/18/22 08:15 AM - Last Modified 04/23/24 23:27 PM


Objective


Reset secure communication between firewall and Panorama

Environment


  • Firewall with PAN-OS 10.1 or above 
  • Panorama on PAN-OS 10.1 or above 
  • Authentication Key for Secure Onboarding


Procedure


  1. Log in to the firewall CLI and run the commands below:
    1. request sc3 reset
    2. debug software restart process management-server
  2. Log in to the Panorama CLI and run the commands below:
    1. clear device-status deviceid <firewall-sn> (This command is hidden; you have to type the whole syntax.)
    2. request authkey add devtype <fw_or_lc> count <device_count> lifetime <key_lifetime> name <key_name> serial <device_SN> (Or from the GUI: Panorama > Device Registration Auth Key)
  3. Log back in to the firewall CLI and run the command below:
    1. request authkey set <auth_key>

 

Note:

  • If the firewalls are in HA, the sync will happen and both firewalls will be connected. Sometimes, however, you have to perform the same steps on the passive firewall as well if it does not connect.
  • Please be patient; it takes a while for the firewalls to show Panorama as connected.
  • Make sure the auth key on Panorama includes the serial numbers of the firewalls. If not, generate a new auth key and specify the firewalls' serial numbers.
  • If the firewalls are still disconnected, check ms.log on the firewalls for more information about the issue.


 



Additional Information


Recover Managed Device Connectivity to Panorama
Authentication Key for Secure Onboarding

