PaloAlto Networks PA-5400 Series Hardware Reference Manual
  1. Manuals
  2. Brands
  3. PaloAlto Networks Manuals
  4. Firewall
  5. PA-5400 Series
  6. Hardware reference manual

PaloAlto Networks PA-5400 Series Hardware Reference Manual

Next-gen firewall
Hide thumbs Also See for PA-5400 Series:
Table of Contents

Advertisement

Quick Links

PA-5400 Series Next-Gen Firewall
Hardware Reference
docs.paloaltonetworks.com

Advertisement

Table of Contents
loading

Related Manuals for PaloAlto Networks PA-5400 Series

Summary of Contents for PaloAlto Networks PA-5400 Series

  • Page 1 PA-5400 Series Next-Gen Firewall Hardware Reference docs.paloaltonetworks.com...
  • Page 2 Alto Networks. A list of our trademarks can be found at www.paloaltonetworks.com/company/ trademarks.html. All other marks menoned herein may be trademarks of their respecve companies. Last Revised May 28, 2021 PA-5400 Series Next-Gen Firewall Hardware Reference 2021 Palo Alto Networks, Inc. ©...

  • Page 3: Table Of Contents

    PA-5450 Front and Back Panel Descripons..............14 PA-5450 Front Panel....................14 PA-5450 Back Panel..................... 15 PA-5400 Series Firewall Module and Interface Card Informaon..19 PA-5400 Series Firewall Base Card (BC)................20 PA-5400 BC-A........................ 20 PA-5400 Series Firewall Management Processor Card (MPC)........21 PA-5400 MPC-A......................
  • Page 4 Table of Contents Service the PA-5400 Series Firewall Hardware........61 Replace a PA-5400 Series Firewall AC or DC Power Supply..........62 Interpret the PA-5400 Series Firewall Power Supply LEDs.........62 Replace a PA-5450 AC or DC Power Supply............63 Replace a PA-5400 Series Base Card (BC)................65 Replace a PA-5450 Base Card (BC)................65...

  • Page 5: Before You Begin

    Before You Begin Read the following topics before you install or service a Palo Alto Networks next- ® generaon firewall or appliance. The following topics apply to all Palo Alto Networks firewalls and appliances except where noted. > Upgrade/Downgrade Consideraons for Firewalls and Appliances >...

  • Page 6: Upgrade/Downgrade ConsideraOns For Firewalls And Appliances

    If the value the downgrade. If the is less than 20, then value is less than 20, contact support for then contact support for assistance. assistance. PA-5400 Series Next-Gen Firewall Hardware Reference 2021 Palo Alto Networks, Inc. ©...

  • Page 7: Tamper Proof Statement

    • The integrity of the warranty label on the firewall or appliance is not compromised. (PA-7000 Series firewalls only) PA-7000 Series firewalls are modular systems and therefore do not include a warranty label on the firewall. PA-5400 Series Next-Gen Firewall Hardware Reference 2021 Palo Alto Networks, Inc. ©...

  • Page 8: Third-Party Component Support

    Before You Begin Third-Party Component Support Before you consider installing third-party hardware, read the Palo Alto Networks Third-Party Component Support statement. PA-5400 Series Next-Gen Firewall Hardware Reference 2021 Palo Alto Networks, Inc. ©...

  • Page 9: Product Safety Warnings

    • I/O ports are intended for intra-building connecons only and not intended for OSP (Outside Plant) connecons or any network connecons subject to external voltage surge events. PA-5400 Series Next-Gen Firewall Hardware Reference 2021 Palo Alto Networks, Inc. ©...
  • Page 10 Toutefois, vous devez le faire dans les 45 secondes et vous ne pouvez remplacer qu’un roir à la fois, sinon le circuit de protecon thermique arrêtera le pare-feu. PA-5400 Series Next-Gen Firewall Hardware Reference 2021 Palo Alto Networks, Inc. ©...
  • Page 11 (de service) qu'à l'aide d'un oul spécial, cadenas ou clé, ou autre disposif de sécurité, et qui est contrôlée par l'autorité responsable du site. PA-5400 Series Next-Gen Firewall Hardware Reference 2021 Palo Alto Networks, Inc. ©...
  • Page 12 • A suitably-rated DC mains disconnect device must be provided as part of the building installaon. French Translaon: Un interrupteur d'isolement suffisant doit être fourni pendant l'installaon du bâment. PA-5400 Series Next-Gen Firewall Hardware Reference 2021 Palo Alto Networks, Inc. ©...

  • Page 13: Pa-5400 Series Firewall Overview

    The PA-5400 Series firewalls (currently only the PA-5450) are high performance modular appliances designed for large enterprise environments, data centers, and internet gateway deployments. The PA-5400 Series can leverage either AC or DC power and ulizes Networking Cards (NCs) and Data Processor Cards (DPCs) to scale network interfaces and data processing power as needed.

  • Page 14: Pa-5450 Front And Back Panel DescripOns

    6. If a second NC is installed in slot 2, then up to four DPCs can be installed in the appliance instead. For more informaon, see PA-5400 Series Firewall Data Processor Card (DPC) PA-5400 Series Next-Gen Firewall Hardware Reference 2021 Palo Alto Networks, Inc. ©...

  • Page 15: Pa-5450 Back Panel

    PA-5450 Back Panel The following image shows the back panel of the PA-5450 firewall (with two AC power supplies installed) and the table describes each back panel component. PA-5400 Series Next-Gen Firewall Hardware Reference 2021 Palo Alto Networks, Inc. ©...
  • Page 16 For informaon on connecng power to the appliance, see Connect Power to a PA-5400 Series Firewall. PA-5400 Series Next-Gen Firewall Hardware Reference 2021 Palo Alto Networks, Inc.
  • Page 17 PA-5400 Series Firewall Overview To view system firmware versions, use the following CLI command: admin@PA-5400> show chassis firmware PA-5400 Series Next-Gen Firewall Hardware Reference 2021 Palo Alto Networks, Inc. ©...
  • Page 18 PA-5400 Series Firewall Overview PA-5400 Series Next-Gen Firewall Hardware Reference 2021 Palo Alto Networks, Inc. ©...

  • Page 19: Pa-5400 Series Firewall Module And Interface Card InformaOn

    PA-5400 Series Firewall Module and Interface Card Informaon The PA-5400 Series firewalls are modular systems that require a Base Card (BC) and a Management Processor Card (MPC) to operate. The BC is an internal baseboard that provides connecons to the front card slots, power supplies, and fan assemblies.

  • Page 20: Pa-5400 Series Firewall Base Card (Bc)

    PA-5400 Series Firewall Module and Interface Card Informaon PA-5400 Series Firewall Base Card (BC) The PA-5400 Series Base Card (BC) serves as the link between all stac and modular components of the appliance. It funcons as a control plane ethernet switch, a data plane traffic manager, and first packet processor subsystem.

  • Page 21: Pa-5400 Series Firewall Management Processor Card (Mpc)

    PA-5400 Series Firewall Module and Interface Card Informaon PA-5400 Series Firewall Management Processor Card (MPC) The PA-5400 Series firewall Management Processor Card (MPC) is a mandatory interface that connects to the PA-5400 Series Firewall Base Card (BC). The MPC enables management, logging, and high availability funcons via SFP+ ports and features two system drives and one logging...
  • Page 22 HSCI-A and HSCI-B Quad-SFP+ (QSFP+/QSFP28) interfaces used to connect (High Speed Chassis two PA-5400 Series firewalls for a high availability (HA) Interconnect) Ports configuraon. Each port offers 80GE (two 40Gbps links) or 200GE (two 100Gbps links) connecvity and is used for HA2 data link in an acve/passive configuraon.
  • Page 23 PA-5400 Series Firewall Module and Interface Card Informaon Item Component Descripon Management Ports Two SFP/SFP+ management ethernet ports providing 1/10GE connecvity that are used to access the management interface. To manage the firewall, change your management computer IP address to 192.168.1.2, connect an RJ-45 cable from your computer to one of the MGT ports and browse to hps:/ / 192.168.1.1.
  • Page 24 PA-5400 Series Firewall Module and Interface Card Informaon State Descripon Green The card is operang normally. (STATUS) Yellow The card is boong up. Green The card is powered on. Off The card is powered off. PS (Power Green All power supplies are operang normally.
  • Page 25 PA-5400 Series Firewall Module and Interface Card Informaon State Descripon admin@PA-5450> set system setting service-led enable no Enter the following command to enable the SVC LED on the card in a specific slot: admin@PA-5450> set system setting service-led enable slo t s3 yes Off...

  • Page 26: Pa-5400 Series Firewall Networking Card (Nc)

    PA-5400 Series Firewall Module and Interface Card Informaon PA-5400 Series Firewall Networking Card (NC) Networking Cards (NCs) provide network connecvity for a PA-5400 Series firewall. To scale performance and capacity, you can install up to two NCs in a PA-5450 firewall.
  • Page 27 PA-5400 Series Firewall Module and Interface Card Informaon Item Component Descripon LED Indicators Five LEDs that indicate the status of various hardware components. For details on the LEDs, see Interpret the PA-5400 NC-A LEDs Ethernet Ports Four 1Gbps/10Gbps BaseT RJ45 Ethernet ports.
  • Page 28 PA-5400 Series Firewall Module and Interface Card Informaon State Descripon Yellow The card temperature is outside the temperature tolerance. The card hardware failed. (Alarm) Off The card is operang normally. Green The card is operang normally. (STATUS) Yellow The card is boong up.

  • Page 29: IdenFy Pa-5400 Series Nc Port AcVity And Link Leds

    The following image shows how to idenfy the acvity and link LEDs for the port types available on PA-5400 Series firewall NCs. The image shows the port orientaon if the NC is in a horizontal posion. For details on the funcons and states of the LEDS, see Interpret the PA-5400 NC-A LEDs.
  • Page 30 PA-5400 Series Firewall Module and Interface Card Informaon PA-5400 Series Next-Gen Firewall Hardware Reference 2021 Palo Alto Networks, Inc. ©...

  • Page 31: Pa-5400 Series Firewall Data Processor Card (Dpc)

    PA-5400 Series Firewall Data Processor Card (DPC) The PA-5400 Series Data Processor Card (DPC) is a front slot card that improves the processing capacity of the firewall. You can install up to four or five DPCs depending on your scaling needs and slot configuraon.
  • Page 32 PA-5400 Series Firewall Module and Interface Card Informaon Item Component Descripon LED Indicators Five LEDs that indicate the status of various hardware components. For details on the LEDs, see Interpret the PA-5400 Series DPC-A LEDs Ejector Tabs Push tabs that are used to...
  • Page 33 PA-5400 Series Firewall Module and Interface Card Informaon State Descripon Service LED Slot    Description Status s1      PA-5400-NC-A      On    s2      empty             Off   s3      empty   Off   s4      empty             Off   s5      empty             Off   s6      PA-5400-DPC-A     On    s7      PA-5400-MPC-A     On    Enter the following command to view the status for a card in a specific slot: (Connued)
  • Page 34 PA-5400 Series Firewall Module and Interface Card Informaon PA-5400 Series Next-Gen Firewall Hardware Reference 2021 Palo Alto Networks, Inc. ©...

  • Page 35: Pa-5400 Series Firewall InstallaOn

    PA-5400 Series Firewall Installaon The PA-5400 Series firewalls are modular systems that require you to install several components, such as network cards, during the installaon process. Due to the weight of the firewalls, we recommend that you first install the firewall appliance into the rack...

  • Page 36: Pa-5400 Series Firewall Equipment Rack InstallaOn

    PA-5400 Series Firewall Installaon PA-5400 Series Firewall Equipment Rack Installaon PA-5400 Series firewalls are designed for installaon in a standard 19-inch equipment rack. Before you install the hardware, read PA-5400 Series Firewall Rack Install Safety Informaon. • Install the PA-5450 Firewall in an Equipment Rack PA-5400 Series Firewall Rack Install Safety Informaon...
  • Page 37 Posion the boom edges of the fixed and adjustable brackets to the boom of the 5 RU rack space reserved for the PA-5450. Align the sloed holes of the fixed mounng bracket PA-5400 Series Next-Gen Firewall Hardware Reference 2021 Palo Alto Networks, Inc.
  • Page 38 Similarly, align the sloed holes in the adjustable mounng bracket to the holes on the rear of the equipment frame. PA-5400 Series Next-Gen Firewall Hardware Reference 2021 Palo Alto Networks, Inc.
  • Page 39 (not provided) compable with your equipment frame. Tighten the screws to their recommended torque value. The mounng brackets are designed for equipment frames that are up to 32” deep (81.3 cm). PA-5400 Series Next-Gen Firewall Hardware Reference 2021 Palo Alto Networks, Inc. ©...
  • Page 40 Slide the PA-5450 on the brackets that were previously mounted to the equipment frame unl the front mounng flanges of the PA-5450 are flush against the mounng surface of the equipment frame. PA-5400 Series Next-Gen Firewall Hardware Reference 2021 Palo Alto Networks, Inc. ©...
  • Page 41 STEP 7 | Secure the PA-5450 to the equipment frame on both sides using 8 screws each (not provided). The screws must be compable with your equipment frame. PA-5400 Series Next-Gen Firewall Hardware Reference 2021 Palo Alto Networks, Inc. ©...
  • Page 42 You may need to loosen the PA-5450 support bracket screws to align the holes in the support bracket to the threaded holes in the PA-5450 appliance. If adjustment is needed, only loosen the screws on one side at a me. PA-5400 Series Next-Gen Firewall Hardware Reference 2021 Palo Alto Networks, Inc. ©...

  • Page 43: Install The Mandatory Pa-5400 Series Firewall Front Slot Cards

    Install the Mandatory PA-5400 Series Firewall Front Slot Cards The PA-5400 Series firewalls require a minimum of three cards that you install in the front slots of the appliance. These cards are shipped separately from the firewall and include the following: The Management Processor Card (MPC) provides management connecvity to the appliance and HA...

  • Page 44: Install A Pa-5400 Series Firewall Networking Card (Nc)

    STEP 4 | Push on both ejector handles unl they lock the card into place. Install a PA-5400 Series Firewall Networking Card (NC) STEP 1 | Aach the provided ESD strap to your wrist and plug the other end in to the ESD port locaon on the front of the appliance.
  • Page 45 flow. Ensure that the boom “teeth” of the blank panel fit into the notches on the boom of the slot. Rotate the blank panel upwards unl it snaps at the top of the slot. PA-5400 Series Next-Gen Firewall Hardware Reference 2021 Palo Alto Networks, Inc. ©...

  • Page 46: Configure Session DistribuOn On A Pa-5400 Series Firewall

    Session Distribuon Policies in the PAN-OS Networking Administrator’s Guide. Install a PA-5400 Series Firewall Data Processor Card (DPC) STEP 1 | Aach the provided ESD strap to your wrist and plug the other end in to the ESD port locaon on the front of the appliance. See PA-5450 Front Panel for the locaon of the ESD...
  • Page 47 flow. Ensure that the boom “teeth” of the blank panel fit into the notches on the boom of the slot. Rotate the blank panel upwards unl it snaps at the top of the slot. PA-5400 Series Next-Gen Firewall Hardware Reference 2021 Palo Alto Networks, Inc. ©...

  • Page 48: Set Up A ConnecOn To The Firewall

    PA-5450 Management Processor Card (MPC) to your computer. Once the firewall is powered on, use a terminal emulator such as PuTTY to access the CLI. See Access the CLI more informaon. PA-5400 Series Next-Gen Firewall Hardware Reference 2021 Palo Alto Networks, Inc. ©...
  • Page 49 ZTP firewall. You will have to enter the serial number (12-digit number idenfied as S/ N) and claim key (8-digit number). These numbers are sckers aached to the back of the device. PA-5400 Series Next-Gen Firewall Hardware Reference 2021 Palo Alto Networks, Inc. ©...

  • Page 50: Connect Power To A Pa-5400 Series Firewall

    Determine PA-5400 Series Firewall Power Configuraon Requirements At least one acve AC or DC power supply is required to operate a PA-5400 Series firewall. Factors that can change your power requirements are the number of Networking Cards (NCs) and Data Processor Cards (DPCs) used and your power redundancy requirement.

  • Page 51: Connect Ac Or Dc Power To A Pa-5450 Firewall

    DC power supplies installed. The AC power supplies support 100 to 240VAC power input and the DC power supplies support 48 to 60VDC power input. For details on power requirements, see Determine PA-5400 Series Firewall Power Configuraon Requirements. Learn how to Set Up a Connecon to the Firewall...
  • Page 52 1. Connect the first two power supplies to a 120VAC 15-amp circuit breaker or 240VAC 20-amp circuit breaker using the provided power cords and then connect the second two PA-5400 Series Next-Gen Firewall Hardware Reference 2021 Palo Alto Networks, Inc.
  • Page 53 Do this for each of the four power supplies, ensuring that the first two power supplies on the le are connected to one power circuit breaker and the second pair on the right PA-5400 Series Next-Gen Firewall Hardware Reference 2021 Palo Alto Networks, Inc.
  • Page 54 firewall in (standard mode or Zero Touch Provisioning mode) as specified in Set Up a Connecon to the Firewall. PA-5400 Series Next-Gen Firewall Hardware Reference 2021 Palo Alto Networks, Inc. ©...

  • Page 55: View Pa-5400 Series Firewall Power StaSCs

    PA-5400 Series Firewall Installaon View PA-5400 Series Firewall Power Stascs Use the following informaon to learn how to view acve power stascs on a PA-5400 Series firewall to help you ensure power redundancy and to plan for growth. You can view the amount of power that each power supply is producing as well as the power rang for each hardware...
  • Page 56 As indicated in the last row of the table, the three 2200 wa power supplies provide 6600 was and the installed hardware components (MPC, DPC, and NCs) use 1565 was. If you subtract 1565 from 6600, there are 5035 was of power remaining. PA-5400 Series Next-Gen Firewall Hardware Reference 2021 Palo Alto Networks, Inc. ©...

  • Page 57: Connect Cables To A Pa-5400 Series Firewall

    PA-5400 Series Firewall Installaon Connect Cables to a PA-5400 Series Firewall Aer you Connect Power to a PA-5400 Series Firewall, connect your management computer to the management port (MGT) on the firewall so you can begin the inial configuraon. You can oponally connect your management computer to the console port, which provides a serial...

  • Page 58: Verify The Pa-5400 Series Firewall Nc ConfiguraOn

    Verify the PA-5400 Series Firewall NC Configuraon When you first set up a PA-5400 Series firewall, both NC slots are ready to use. If you are working with a firewall that is already deployed, you should check slot status before adding a new NC to ensure that the NC slot is ready.
  • Page 59 For example, to enable NCs installed in slot 2 of both appliances, run the following command: admin@PA-5450> request chassis power-on slot s2 target ha-pair For informaon on installing NCs, see Install a PA-5400 Series Firewall Networking Card (NC). PA-5400 Series Next-Gen Firewall Hardware Reference 2021 Palo Alto Networks, Inc.
  • Page 60 PA-5400 Series Firewall Installaon PA-5400 Series Next-Gen Firewall Hardware Reference 2021 Palo Alto Networks, Inc. ©...

  • Page 61: Service The Pa-5400 Series Firewall Hardware

    Service the PA-5400 Series Firewall Hardware The following topics describes how to replace field-serviceable components on a PA-5400 Series firewall. For an overview of the hardware components, see PA-5400 Series Firewall Overview. > Replace a PA-5400 Series Firewall AC or DC Power Supply >...

  • Page 62: Replace A Pa-5400 Series Firewall Ac Or Dc Power Supply

    Service the PA-5400 Series Firewall Hardware Replace a PA-5400 Series Firewall AC or DC Power Supply The following topics describe how to interpret the power supply LEDs and how to replace a PA-5400 Series firewall power supply. • Interpret the PA-5400 Series Firewall Power Supply LEDs •...

  • Page 63: Replace A Pa-5450 Ac Or Dc Power Supply

    A red LED indicates a failed power supply. For details on the power supply LEDs, see Interpret the PA-5400 Series Firewall Power Supply LEDs STEP 3 | Shut off power to the failed power supply.
  • Page 64 Service the PA-5400 Series Firewall Hardware STEP 7 | Turn on power to the new power supply. only) Plug the power cable into the corresponding AC power module on the back of the appliance. The new power supply turns on and the LED will turn green.

  • Page 65: Replace A Pa-5400 Series Base Card (Bc)

    Service the PA-5400 Series Firewall Hardware Replace a PA-5400 Series Base Card (BC) The PA-5400 Series Base Card (BC) is not hot-swappable. In the case of a failure, you must power off the appliance and disconnect all power sources before removing the BC.
  • Page 66 Service the PA-5400 Series Firewall Hardware STEP 6 | Grab both BC ejector handles and swing the handles outward at the same me. Gently pull the BC outward from inside the appliance. Support the BC with one hand while pulling it out from the appliance.

  • Page 67: Replace A Pa-5400 Series Firewall Fan Assembly

    Service the PA-5400 Series Firewall Hardware Replace a PA-5400 Series Firewall Fan Assembly The following topics describe how to replace a PA-5400 Series firewall fan tray. • Replace a PA-5450 Fan Assembly Replace a PA-5450 Fan Assembly The PA-5450 has four dual-rotor, single fan assemblies on its rear side. Each single fan assembly can be individually removed and replaced.
  • Page 68 Service the PA-5400 Series Firewall Hardware STEP 4 | Place your thumb under the thumb tab located on the boom of the fan assembly. Gripping the fan assembly handle with your fingers, push up on the thumb tab. STEP 5 | While sll gripping the fan assembly handle, gently pull the fan assembly out of its slot.
  • Page 69 Service the PA-5400 Series Firewall Hardware STEP 6 | Install the replacement fan by sliding it into the vacant fan slot, ensuring that the thumb tab is on the boom. STEP 7 | Verify that the new fan assembly is operaonal by nong the status of the fan assembly LED and the fan LED on the MPC.

  • Page 70: Replace A Pa-5400 Series Firewall Front Slot Card

    Service the PA-5400 Series Firewall Hardware Replace a PA-5400 Series Firewall Front Slot Card The PA-5400 Series firewalls require one Management Processor Card, at least one Networking Card (NC), and at least one Data Processor Card (DPC). The procedures to replace all of the front slot cards in a PA-5400 Series firewall are idencal.

  • Page 71: Replace A Pa-5400 Series Networking Card (Nc)

    The following topics describe how to replace an NC and provides details on checking the card slot status as well as how to troubleshoot an NC. • Replace a PA-5450 Networking Card (NC) • PA-5400 Series Firewall Networking Card (NC) Troubleshoong Commands PA-5400 Series Next-Gen Firewall Hardware Reference 2021 Palo Alto Networks, Inc. ©...
  • Page 72 Service the PA-5400 Series Firewall Hardware Replace a PA-5450 Networking Card (NC) STEP 1 | Put the provided ESD wrist strap on your wrist ensuring that the metal contact is touching your skin. Then aach (snap) one end of the ground cable to the wrist strap and remove the alligator clip from the banana clip on the other end of the ESD grounding cable.
  • Page 73 Service the PA-5400 Series Firewall Hardware PA-5400 Series Firewall Networking Card (NC) Troubleshoong Commands The following table describes common commands that you can use to troubleshoot NC issues on a PA-5400 Series firewall. The PA-5450 firewall makes use of paired...

  • Page 74: Replace A Pa-5400 Series Data Processor Card (Dpc)

    2 target ha-pair You can use the ha-pair opon in an HA configuraon for many of the slot control commands. Replace a PA-5400 Series Data Processor Card (DPC) Learn how to replace a DPC. • Replace a PA-5450 Data Processor Card (DPC)

  • Page 75: Pa-5400 Series Front Slot And Card States

    Push on both ejector handles unl they lock the card into place. PA-5400 Series Front Slot and Card States You can view the slot and card status informaon on a PA-5400 Series firewall using the web interface or the command line interface (CLI). From the web interface, select Network > Interfaces to view the status of each slot.

  • Page 76: Pa-5400 Series Logical Card Slots

    Unsupported The card is not a supported type for this slot. PA-5400 Series Logical Card Slots The PA-5400 Series firewall requires the use of logical card slots in order to direct processing power from the Data Processing Card (PA-5400 DPC-A) to the Networking Card (PA-5400 NC- A).
  • Page 77 Service the PA-5400 Series Firewall Hardware See the following table of possible CLI commands that are used to restart, power on, or power off a card. For more informaon on card states, see PA-5400 Series Front Slot and Card States.
  • Page 78 Service the PA-5400 Series Firewall Hardware CLI Command Result request chassis enable slot <> targe t -ha-pair The status of one card in a logical pair can have an impact on the status of the other card in the pair. The firewall will consult the logically paired card during different operaons. For example, when a DPC is brought into a Power-Off state, its corresponding NC will also be powered off.
  • Page 79 Service the PA-5400 Series Firewall Hardware Operaon Possible Outcomes Crical System Log Examples Powering • Using the admin-power-on or 2021/04/12 14:03:48 criti on a DPC power-on commands will only cal hw slot-po 0 power on the DPC. The Logically paired Sl •...

  • Page 80: Replace A Pa-5450 Front Slot Card In A High Availability (Ha) ConfiguraOn

    Service the PA-5400 Series Firewall Hardware Replace a PA-5450 Front Slot Card in a High Availability (HA) Configuraon When High Availability (HA) is configured on the firewall, you must take addional steps to remove and install a Networking Card (NC) or Data Processing Card (DPC). Although it is possible to hot-swap the front slot cards, following the procedure outlined below will prevent slot or device failures in a live HA deployment.
  • Page 81 Service the PA-5400 Series Firewall Hardware To install a replacement of the failed card: 1. When you receive the replacement NC or DPC, insert it into the device that needs the replacement card. 2. Issue the following command where X is the slot inserted: request chassis admin-power-on slot X target ha-pair 3.

  • Page 82: Install An Mpc Logging Drive

    Service the PA-5400 Series Firewall Hardware Install an MPC Logging Drive STEP 1 | Aach an ESD strap to your wrist and plug the other end in to the ESD port locaon on the front of the appliance. See PA-5450 Front Panel for the locaon of the ESD port.

  • Page 83: Replace An Mpc System Drive

    Service the PA-5400 Series Firewall Hardware Replace an MPC System Drive STEP 1 | Ensure that you have access to an ESD work surface for placement of the Management Processor Card (MPC). STEP 2 | Put the provided ESD wrist strap on your wrist ensuring that the metal contact is touching your skin.
  • Page 84 Before re-installing the MPC, plug the banana clip end of your ESD wrist strap into one of the ESD ports located on the back of the appliance. STEP 10 | Slide the MPC back into slot 7. See Install a PA-5400 Series Firewall Management Processor Card (MPC) for more informaon. PA-5400 Series Next-Gen Firewall Hardware Reference 2021 Palo Alto Networks, Inc.

  • Page 85: Pa-5400 Series Firewall SpecificaOns

    The following topics provide appliance and component specificaons for the PA-5400 Series firewalls. View the datasheet for informaon on features, performance, and capacity numbers. > PA-5400 Series Firewall Physical Specificaons > PA-5400 Series Firewall Electrical Specificaons > PA-5400 Series Firewall Environmental Specificaons...

  • Page 86: Pa-5400 Series Firewall Physical SpecificaOns

    Power Supply (DC)—2 lbs (.9 kg) Rack mount size PA-5450 firewall—5U Power supply configuraons PA-5450 firewall—Four AC or DC power supplies. The AC and DC power supplies are hot-swappable. PA-5400 Series Next-Gen Firewall Hardware Reference 2021 Palo Alto Networks, Inc. ©...

  • Page 87: Pa-5400 Series Firewall Electrical SpecificaOns

    PA-5400 Series Firewall Specificaons PA-5400 Series Firewall Electrical Specificaons Use the following topics to learn about the PA-5400 Series firewall electric specificaons and the types of power cords you can use. • PA-5400 Series Firewall Component Electrical Specificaons • PA-5400 Series Firewall Power Cord Types PA-5400 Series Firewall Component Electrical Specificaons...
  • Page 88 Power Cord, North America, 15A, 250V, IEC C19 to IEC C14, 10 PAN-PWR-C19-US-120V Power Cord, North America, 15A, 125V, C19 to NEMA 5-15P, 10 PAN-PWR-C19-JP-120V Power Cord, Japan, 15A, 125V, JISC8303 to C19, 10, PSE Cerfied PA-5400 Series Next-Gen Firewall Hardware Reference 2021 Palo Alto Networks, Inc. ©...

  • Page 89: Pa-5400 Series Firewall Environmental SpecificaOns

    PA-5400 Series Firewall Specificaons PA-5400 Series Firewall Environmental Specificaons The following table describes PA-5400 Series firewall environmental specificaons. Specificaon Value Operang temperature range 0° to 40°C (32°F to 104°F) Storage temperature range -20° to 70°C (-4°F to 158°F) Humidity 5% to 90% non-condensing Appliance airflow...
  • Page 90 PA-5400 Series Firewall Specificaons PA-5400 Series Next-Gen Firewall Hardware Reference 2021 Palo Alto Networks, Inc. ©...

  • Page 91: Pa-5400 Series Firewall Hardware Compliance Statements

    Our products meet standards for product safety and electromagnec compability when used for their intended purpose. To view compliance statements for the PA-5400 Series firewalls, see PA-5400 Series Firewall Compliance...

  • Page 92: Pa-5400 Series Firewall Compliance Statements

    PA-5400 Series Firewall Hardware Compliance Statements PA-5400 Series Firewall Compliance Statements The following are the PA-5400 Series firewall hardware statements: • VCCI This secon provides the compliance statement for the Voluntary Control Council for Interference by Informaon Technology Equipment (VCCI), which governs radio frequency emissions in Japan.
  • Page 93 PA-5400 Series Firewall Hardware Compliance Statements • BSMI EMC Statement—User warning: This is a Class A product. When used in a residenal environment it may cause radio interference. In this case, the user will be required to take adequate measures.
  • Page 94 PA-5400 Series Firewall Hardware Compliance Statements PA-5400 Series Next-Gen Firewall Hardware Reference 2021 Palo Alto Networks, Inc. ©...

Table of Contents