We using vsys in firewall and found with "No accessible virtual system" appear in Policy as file attach and we wait for moment of time and problem is resolve by itself. This is bug of GUI or do you guys know what make this happen ? PS. All traffic working fine.
Hi Expert , I would like to know about how to sizing pro per gb i know about if would like size ngfw refer with sls-sizing-estimator and lps per model but it seems like when i calculate is a huge size i'm not sure how to actually size and another log source please adivse me . Thank you
Hello PaloAlto engineer Team, I'm trying to configure the MasterDevice. Setting the MasterDevice to CIE doesn't mean the MasterDevice settings will be applied to Prisma Access or all devices in the device group, right? I understand that the MasterDevice just lets me know which device group the username will appear in the security policy. h...
Follow us on LinkedIn Register for an exam Get help
Hello Community, I am currently trying to perform an HA deployment in Azure.To do this, I am using the ‘Azure HA Deployment’ via GitHub and the embedded link where I can then deploy the VM series in the Azure Portal. Here are the links to the topic: https://docs.paloaltonetworks.com/vm-series/11-1/vm-series-deployment/set-up-the-vm-series-fi...
Dear all, since a couple of days I'm getting alerts like: Configuration size 19MB is above 80% of the maximum recommended configuration size 23MB for the platform. Please consider removing unused configuration I removed all old auto saved configs after upgrades, and the config size looks ok:> show management-server last-committed config-s...
Hi All,Has anyone ever seen this error on SCM when you want to onboard a firewall into SCM?
Hello, I am having issues with trying to get failover setup between vendor routers. We have vendor provided routers at our hub site and at one of our branch sites. We would like to have the traffic be routed to the branch vendor router in the event the hub vendor router is offline. I have setup a static route on the hub firewall to the hub vendo...
Is there a way to exclude traffic on port 8080 from the VPN tunnel while connected to Global Protect? I want to establish direct communication exclusively over port 8080, separate from VPN traffic. Is it possible? If so, please tell me how to set it up.
I configured them both using fqdn on the security policy with source as firewall management interface but ntp status shows rejected. How do I fix this. Please helpAll services to the internet use management interfaceDNS configured 1.1.1.1 and 8.8.8.8Firewall can ping 1.1.1.1 and 8.8.8.8Allowed application ntp and ntp baseI checked the monitor t...
Hello Community, I need to block an O365/Azure Entra ID account using the Cortex ITDR Module due to suspicious login activity, but I can't find any manuals on how to do this. Any assistance would be greatly appreciated. Thanks in advance, Best Regards, Max
Hi , Any one enable USER ID on cloud NGFW on azure and working smoothly in there environment? We tried POC in our environment but we are observing intermittent discussion between Palolo agent and Cloud NGFW azure which affecting its integration. We already opened TAC case but havent seen positive progress Thanks Sanil Hande
Hello we are using SCM for our NGFWs and try to connect via Global Protect. Using Radius Auth we can login with any client/os we those, but we want only domain joined device (w11,ios,ipad) to be connected via VPN. Where we must configure SCM to look at M365 for company devices? Kind regards
Hello Everyone, I am looking for official or community documents that explain VPN and Routing system log events in detail on Palo Alto firewalls. Specifically, I’d like to: Understand the meaning of log events such as ikev2-nego-ike-start, ipsec-key-install, ikev2-recv-p2-delete, routed-BGP-peer-left-established, etc. See if there is a compl...
About API key issuanceWe understand that API keys are issued by executing the following curl command toward PA.curl -k -X GET 'https://<PA-Firewall-IP>/api/?type=keygen&user=<username>&password=<password> Regarding the issued API key, does a different API key get issued each time the command is executed?※Assuming that...
July has been a month of powerful innovation and customer impact across Network Security. From major product milestones to new services and customer-focused resources, we continue to deliver on our pr...
From time to time, posts circulate that raise concerns about SSL/TLS decryption and the handling of logs in cloud-delivered security services. While healthy skepticism is important in cybersecurity, s...
The Need for Post-Quantum Resistant VPN Diffie-Hellman (DH), Elliptic Curve Cryptography (ECC), and Elliptic Curve Diffie-Hellman (ECDH) are used extensively in both PKI encryption and IKE key exchang...
This next Spark User Summit will be taking place on September 25th, 2025 at 9:30 AM Pacific Time. For this event, Fuel welcomes Srinivas Avasarala and Taylor Ettema. Hosted by Charles Buege of Fuel Us...
