about transparent

sorry for bothering you all. I'm new to computer networking. And while I'm building my own system, I'm having some trouble.

MODEM (internet) --- Firewall Palo Alto --- Laptop. This is the model I'm building myself. I was going to use transparent mode

GlobalProtect Android version 13 issue

Global Protect login continues to fail on Version 13 Android.

Site to Site VPN

Quick question on setting a site to site vpn, using tunnel mode. If I have a site "A" peer going and connecting with a site "B" peer for a VPN, can both sites have the same IP address subnet, or will that conflict? 

Scenario:

  Site A: 192.168.20.5

Replace with advanced License

Hello

Threat Prevention License
DNS Security License

These two licenses are coming up for EoS on June 16, 2025,
Is there any problem in replacing the licenses to Advanced, or is there a little work that needs to be done when replacing the licenses?

PA 445 ZTP

Hi Team,

I am planning to configure the new firewall using ZTP and also planning to manage this firewall completely via SCM.

Add a ZTP Firewall to Strata Cloud Manager

Following the above link to add teh ZTP FW to SCM.

> Need to know where will i get

Palo Alto Global Protect

Hello. 

   I am looking to setup and use Palo Alto's Global Protect feature; The question I have is if I have only 1 egress port (WAN) port that is public-facing, can I setup my Global Protect on that egress port or do I need to use another port for

For those that seek to get SSH Proxy working

Searching the internet it seems that people are looking to enable SSH Proxy and not finding answers. I managed to get it working but must say that the current supported SSH decrytion parameters for all PAN-OS versions aren't the most secure ones so y

Grace Period for Threat Protection and URL Filtering

Hello,

I'm curious if anyone knows if Palo Alto has a grace period for expired URL filtering and Threat protection licenses.

Thank You,

MJF

GlobalProtect access to local LAN devices

I am fairly new to Palo Alto devices.  We are in the process of testing the GlobalProtect client and have set it up without split-tunneling.

I have confirmed this works for web browsing (get the PA NAT address), but we are still able to get to all lo

Broker VM rejects SSL certificate

Hello PAN community,

I am trying to import a SSL certificate into our #BrokerVM
I can upload the private key, but the Server Certificate gets rejected with the Error: "failed to set custom ssl certificate"

I tried .cer and .pem files and none were a

Onboarding to Passive HA to Panorama

Hi Everyone,

I need advice on how to onboard the passive HA to Panorama. The Primary is already on Panorama but upon checking, it doesn't belong to a device group yet. I have read some documentation on how to onboard a local firewall to panorama, but