Automatic Site License Activation on the PAYG VM-Series Firewalls
Table of Contents
10.0 (EoL)
Expand all | Collapse all
-
- Automatic Content Updates Through Offline Panorama
- Enhanced Authentication for Dedicated Log Collectors and WildFire Appliances
- Syslog Forwarding Using Ethernet Interfaces
- Increased Configuration Size for Panorama
- Access Domain Enhancements for Multi-Tenancy
- Enhanced Performance for Panorama Query and Reporting
- Log Query Debugging
- Configurable Key Limits in Scheduled Reports
- Multiple Plugin Support for Panorama
End-of-Life (EoL)
Automatic Site License Activation on the PAYG VM-Series Firewalls
Retrieve enterprise-wide licenses for AutoFocus and the
Cortex Data Lake on the PAYG instances of VM-Series firewalls.
With the Pay-As-You-Go (PAYG) instance of
the VM-Series firewall, you can now unlock the capabilities of your
enterprise-wide licenses for AutoFocus or Cortex Data Lake. The
firewall requires a device certificate to get the site license entitlements
and securely access the cloud services.
With the site
license, the firewall has the entitlement to securely connect with
the Cortex Data Lake, and you must configure the firewall to connect
to and send logs to Cortex Data Lake.
- Enable the firewalls to retrieve the
site licenses automatically at launch.The firewall requires the device certificate to get the site license entitlements and securely access the cloud services. To retrieve the site licenses when you launch the firewall, in the bootstrap package you must include the authcode in the /license folder, and add the auto registration PIN ID and value in the init-cfg.txt file and place it in the /config folder.
- Generate the VM-Series registration PIN on the Customer Support Portal (CSP).
- Select AssetsDevice CertificatesGenerate Registration PIN.Save the PIN ID and value, and make sure to launch the firewall before the PIN expires.
- Add the registration PIN ID and value in the init-cfg.txt file.In addition to the required parameters, you must include:vm-series-auto-registration-pin-id=vm-series-auto-registration-pin-value=Log in to the firewall and verify that you can see the site license on the firewall.
- Generate the one-time password (OTP) and manually retrieve the device certificate on the firewall.
The firewall requires this device certificate to get the site license entitlements and securely access the cloud services.- Log in to the Customer Support Portal.Register your VM-Series firewall, if you have not already.
- Select AssetsDevice CertificatesGenerate OTP.
- Select your firewall from the list to Generate OTP.
- Log in to the firewall, and retrieve the device certificate.Select SetupManagementDevice Certificate and Get certificate
- Verify that the device certificate is fetched and that you can see the site license on the firewall.
- If using Panorama to manage the VM-Series firewall, see Install the device certificate on a managed firewall.