PaloAlto Networks PA-400 Series, Hardware Reference Manual

Page 1: ...PA 400 Series Next Gen Firewall Hardware Reference paloaltonetworks com documentation...

Page 2: ...rch for a specific topic go to our search page www paloaltonetworks com documentation document search html Have feedback or questions for us Leave a comment on any page in the portal or write to us at...

Page 3: ...19 inch Equipment Rack 32 Install the PA 400 Series Firewall Using the PAN PA 400 RACKTRAY 32 Set Up a Connection to the Firewall 38 Connect Power to a PA 400 Series Firewall 41 Connect Power to a PA...

Page 4: ...iv TABLE OF CONTENTS...

Page 5: ...o Networks next generation firewall or appliance The following topics apply to all Palo Alto Networks firewalls and appliances except where noted Upgrade Downgrade Considerations for Firewalls and App...

Page 6: ...6 PA 400 SERIES NEXT GEN FIREWALL HARDWARE REFERENCE Before You Begin 2021 Palo Alto Networks Inc...

Page 7: ...ort the requirements for the service route We recommend using the dataplane interface for the Data Services service route n a Upgrading a PA 7000 Series Firewall with a first generation switch managem...

Page 8: ...uct The tracking number provided to you electronically when ordering the product matches the tracking number that is physically labeled on the box or crate The integrity of the tamper proof tape used...

Page 9: ...IREWALL HARDWARE REFERENCE Before You Begin 9 2021 Palo Alto Networks Inc Third Party Component Support Before you consider installing third party hardware read the Palo Alto Networks Third Party Comp...

Page 10: ...regulations French Translation Des c bles Ethernet blind s reli s la terre doivent tre utilis s pour garantir la conformit de l organisme aux missions lectromagn tiques CEM PA 3200 PA 5200 PA 5400 PA...

Page 11: ...oser Mettez au rebut les batteries usag es conform ment aux instructions All Palo Alto Networks appliances with two or more power supplies Disconnect all power cords AC or DC from the power inputs to...

Page 12: ...ctement sur le conducteur lectrode de mise la terre du syst me d alimentation c c ou sur le connecteur d une barrette d un bus bornes de mise la terre auquel le conducteur lectrode de mise la terre du...

Page 13: ...The firewall permits the connection of the earthed conductor of the DC supply circuit to the earthing conductor at the equipment as described in the installation procedure for your firewall French Tr...

Page 14: ...14 PA 400 SERIES NEXT GEN FIREWALL HARDWARE REFERENCE Before You Begin...

Page 15: ...eight Ethernet ports and dual power adapters for power redundancy The PA 400 Series firewall enables you to secure your organization through advanced visibility and control of applications users and...

Page 16: ...16 PA 400 SERIES NEXT GEN FIREWALL HARDWARE REFERENCE PA 400 Series Firewall Overview 2021 Palo Alto Networks Inc...

Page 17: ...uplex mode or choose auto negotiate 2 MGT port Use this Ethernet 10 100 1000Mbps port to access the management web interface and perform administrative tasks The firewall also uses this port for manag...

Page 18: ...ent computer does not have a serial port use a USB to serial converter Use the following settings to configure your terminal emulation software to connect to the console port Data rate 9600 Data bits...

Page 19: ...uter to the firewall using a 9 pin serial to RJ 45 cable and terminal emulation software The console connection provides access to firewall boot messages the Maintenance Recovery Tool MRT and the comm...

Page 20: ...0 100 1000Mbps port located beside the MGT label that is used toaccess the managementweb interface and performadministrative tasks Thefirewall also uses this portfor management services such as retrie...

Page 21: ...nd the table describes each back panel component Item Component Description 1 Ground stud Use the single post ground stud to connect the firewall to earth ground ground cable not included 2 Power adap...

Page 22: ...the PA 400 Series external power adapters provided by Palo Alto Networks 2 Ground stud Use the single post ground stud to connect the firewall to earth ground ground cable not included 3 Power Cord R...

Page 23: ...re required to install the firewall on a flat surface or on a wall You can also order a rack mount kit to Install the PA 400 Series Firewall on a Flat Surface Install the PA 400 Series Firewall on a W...

Page 24: ...24 PA 400 SERIES NEXT GEN FIREWALL HARDWARE REFERENCE Install the PA 400 Series Firewall 2021 Palo Alto Networks Inc...

Page 25: ...21 Palo Alto Networks Inc Install the PA 400 Series Firewall on a Flat Surface The PA 440 PA 450 and PA 460 firewalls ship with rubber feet attached to each corner of the device As pictured below the...

Page 26: ...IES NEXT GEN FIREWALL HARDWARE REFERENCE Install the PA 400 Series Firewall 2021 Palo Alto Networks Inc The PA 410 has rubber feet installed on its bottom side so it can only be installed in a horizon...

Page 27: ...ng services water gas or wiring behind the wall where you intend to install the firewall STEP 2 Use a 1 Phillips head screwdriver to install the appropriate screws into each of the three or four marke...

Page 28: ...acket PA 440 PA 450 and PA 460 Install the power adapter in the power adapter wall mount bracket using the Velcro strap and cable tie Make sure to align the cable tie with the notches in the bracket t...

Page 29: ...r adapter wall mount bracket by first placing the power supply into the bracket aligning the feet of the power adapter with the four small holes on the wall mount bracket Next loop the Velcro strap th...

Page 30: ...REFERENCE Install the PA 400 Series Firewall 2021 Palo Alto Networks Inc STEP 5 After you secure the power adapter to the bracket mount the bracket next to the firewall using wood or drywall screws as...

Page 31: ...EXT GEN FIREWALL HARDWARE REFERENCE Install the PA 400 Series Firewall 31 2021 Palo Alto Networks Inc STEP 6 PA 440 PA 450 and PA 460 You can install an optional second power adapter next to the first...

Page 32: ...se installation first install the firewall s in the rack tray and then install the assembled rack tray into the equipment rack Install the PA 400 Series Firewall Using the PAN PA 400 RACKTRAY Install...

Page 33: ...U rack space reserved for the firewall Align the slotted holes in the adjustable mounting bracket to the holes on the rear of the equipment frame The mounting rails are designed for equipment frames t...

Page 34: ...DWARE REFERENCE Install the PA 400 Series Firewall 2021 Palo Alto Networks Inc STEP 4 With the front of the firewall facing forward align the four rubber feet on the bottom of the device to the slotte...

Page 35: ...n place using three of the provided 6 32 x 3 16 Long Flathead screws STEP 7 If mounting a second firewall Repeat Steps 4 through 6 for the second firewall Place the second firewall adjacent to the fir...

Page 36: ...ion next to the primary power supply STEP 11 If mounting a second firewall Repeat Steps 9 through 11 for the power supplies of the second firewall STEP 12 Slide the mounting tray into the rails previo...

Page 37: ...PA 400 SERIES NEXT GEN FIREWALL HARDWARE REFERENCE Install the PA 400 Series Firewall 37 2021 Palo Alto Networks Inc STEP 14 Proceed to Connect Power to a PA 400 Series Firewall...

Page 38: ...J 45 Ethernet cable to connect the device to the correct port The port s connected will depend on which mode you intend the firewall to run in Standard mode Connect the Ethernet cable from the MGT por...

Page 39: ...the firewall manually if using standard mode If using ZTP mode the device group and template configuration defined on the Panorama management server are automatically pushed to the firewall by the ZT...

Page 40: ...40 PA 400 SERIES NEXT GEN FIREWALL HARDWARE REFERENCE Install the PA 400 Series Firewall...

Page 41: ...power The firewall can operate with one power adapter or you can install a second power adapter for power redundancy Learn how to Set Up a Connection to the Firewall based on your desired boot mode pr...

Page 42: ...42 PA 400 SERIES NEXT GEN FIREWALL HARDWARE REFERENCE Connect Power to a PA 400 Series Firewall 2021 Palo Alto Networks Inc...

Page 43: ...th ground STEP 3 Connect the DC connector from the power adapter into the PWR 1 port on the firewall and tighten the connector nut to secure the cable to the firewall Ensure the power adapter itself i...

Page 44: ...to the firewall Torque the screw to 25 in lbs and then connect the other end of the cable to earth ground STEP 2 Insert the DC connector from the power adapter into the port on the back of the firewal...

Page 45: ...how to interpret the PA 400 Series status LEDs and how to replace a PA 400 Series power adapter The power adapter is the only serviceable component on the PA 400 Series firewall Interpret the LEDs on...

Page 46: ...46 PA 400 SERIES NEXT GEN FIREWALL HARDWARE REFERENCE Service the PA 400 Series Firewall Hardware 2021 Palo Alto Networks Inc...

Page 47: ...Green The firewall is operating normally Yellow The firewall is booting ALM Alarm Red A hardware component failed such as a power adapter failure a firewall failure that caused an HA failover a drive...

Page 48: ...460 only PWR 1 and PWR 2 The following describes the power adapter LEDs on the back of the firewall Green The power input is receiving power Off The power input is not receiving power The PWR LED on t...

Page 49: ...power adapter has failed To avoid injury to yourself or damage to your Palo Alto Networks hardware or the data that resides on the hardware read the Product Safety Warnings STEP 1 Disconnect the faile...

Page 50: ...50 PA 400 SERIES NEXT GEN FIREWALL HARDWARE REFERENCE Service the PA 400 Series Firewall Hardware...

Page 51: ...ing topics describe the PA 400 Series firewall hardware specifications For feature capacity and performance information refer to the datasheet Physical Specifications Electrical Specifications Environ...

Page 52: ...52 PA 400 SERIES NEXT GEN FIREWALL HARDWARE REFERENCE PA 400 Series Firewall Specifications 2021 Palo Alto Networks Inc...

Page 53: ...mensions PA 410 Height 1 63 Width 9 53 Depth 6 42 Height 4 14 cm Width 24 21 cm Depth 16 31 cm PA 440 PA 450 and PA 460 Height 1 75 Width 8 Depth 8 8 Height 4 45 cm Width 20 3 cm Depth 22 35 cm Rack u...

Page 54: ...apter for power redundancy Input voltage PA 410 Power adapter AC side 100 240V AC 50 60Hz The power adapter converts the AC power to 12VDC to provide power to the firewall PA 440 PA 450 and PA 460 Pow...

Page 55: ...es firewall environmental specifications Specification Value Operating temperature range 32 F to 104 F 0 to 40 C Non operating temperature 4 F to 158 F 20 to 70 C Humidity tolerance 10 to 90 non conde...

Page 56: ...wall Specifications Miscellaneous Specifications The following table describes PA 400 Series firewall miscellaneous specifications Specification Value Storage capacity PA 440 PA 450 and PA 460 One 128...

Page 57: ...with the laws and regulations in each country where there are requirements applicable to our products Our products meet standards for product safety and electromagnetic compatibility when used for th...

Page 58: ...58 PA 400 SERIES NEXT GEN FIREWALL HARDWARE REFERENCE PA 400 Series Firewall Compliance Statements Overview 2021 Palo Alto Networks Inc...

Page 59: ...ry is replaced by an incorrect type Dispose of used battery according to local regulations Federal Communications Commission FCC statement for a Class B digital device or peripheral This equipment has...

Page 60: ...60 PA 400 SERIES NEXT GEN FIREWALL HARDWARE REFERENCE PA 400 Series Firewall Compliance Statements Overview...