Did you know that you can help your fellow community members by accepting solutions when a reply answers your question Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature
...
We have created a NAT policy to access the Server in the DMZ zone, we can able to successfully connect to the server from public network. But, we cannot see the traffic logs for the same.
Hello
For example, some implementations require multicast traffic to be encapsulated before IPSec encrypts it. If this is a requirement for your environment and the GRE tunnel and IPSec tunnel share the same IP address, Add GRE Encapsulation when yo
...
Hello everyone,
I am working on a project to deploy a Cluster of two Palo Alto VM's on Azure. While designing the solution with an internal and external Loadbalancer (you can see the picture in my post) i don't know if i need to configure Public IP a
...
Hi,
How can we determine the configuraiton file size on Palo Alto PA devices.
We wish to determine were our configuraiton size is compared to the recommened size for each PA type 5K 7k etc.
Thank you
Hi Panorama export configuration change message is configured to be sent to SCP server. The SCP is installed at PC/Win10. When trying to test the connection between Panorama and the SCP, I launch the connection from SCP. but I got the below situation
...
, XML
Dear all,
The Panorama feature "Scheduled Config Export" is a great way to backup all device configs to a central backup repository.
I known one can import this XML config from the device itself,
But would there also be a way to import the complet
...
Hello,
I have a firewall rule on the Internet Firewall list this
Source: Palo Alto Networks - High risk IP addresses - Palo Alto Networks - Known malicious IP addresses
Destination Any
Service Any
Action: drop
So if an ip inside the two EDL try t
...
Are there any build-in tools in the WebUI to identify shadow rules?
I thank you in advance.
Hi Serial number is got from palo alto firewall, we try to add the firewall into panorama. but I got the error message as below picture. This firewall is the first one to be added to panorama. why it has Maximum issue? Thanks
Hi all,
I am considering network design that have:
- Dual ISP (public IP /29 for each)
- 2 x PA with active/active HA
- PA connects directly to L2 networks (LAN)
Requires:
Load sharing between 2 ISP Internet links
Problems:
Is it possible to conf
...
Hi,
I have a strange issue i am trying to import the globalsign root certificate into panorama device template.
I am following this article (also doubt the global sign is needed because when i browse manualy to the EDL the url is singed by Google)
Co
...
We are using the PAN's DHCP server for some of our sites and for some reason its only pushing static entries to our Windows DNS. We need host names to resolve for all IPs at these sites. Was wondering if there is something we need to do on either sid
...
Hello,
I am deploying an Active/Passive Palo Alto HA VM's on Azure with an external and internal loadbalancer topology (picture below), I know that the NAT is done by the public Loadbalancer so no need for public IP address on the VM's interfaces so
...
Hi All,
We are planning to upgrade the Panorama installed in AWS. Can we do in place upgrade as we normally do? Or do we need to install the new version may be 11.0.0 in the new VM in AWS and migrate?
Regards,
Sanjay S
TomYoung
on:
One Global Protect Portal and Two Global Protect Gateways in One Firewall
OtakarKlier
on:
Restricted tcp flow throughput in a VPN tunnel
reaper
on:
password reset for user through support.paloaltonetworks.com
OtakarKlier
on:
Disable USB Port on Firewall
PavelK
on:
Web Auth FW with HA
reaper
on:
Negate Deny Rule
