Failed to determine issuer

Hi guys,

I have a certificate that I need renewing as it's expired, but I am seeing "failed to determine issuer" when attempting to do this.

The certificate is a self-signed certificate, but it wasn't generated on the Palo, but rather an external CA.

Redistribute Route to GlobalProtect with BGP

Background:

We have a 172.20.0.0/16 internal network that is connected to our Amazon AWS VPC. A route is successfully advertized to our AWS peer using BGP and from the local network I can reach our server instances in the VPC. AWS resources are assign

Exporting information under "managed device" Panorama

The data presented in " managed devce tab " under Panorama is very useful for reporting ike

" all updtes happened" ( I want to know if all dynmaic updated hapened for all firewalls) 
"active/passive"( I want to know if any failover happened) 
System reb

Can a IPSec tunnel entry be used by muliple connections

Hi, We have a number of (25+ ) remote 4G modems, that we wish to have VPN'd into our network. The modems can do L2TP/IPSec, IPSec, PPTP. Each modem has a WAN interface which is dynamic and a LAN interface with either one or two devices connected to i...

Help with inter-subnet routing

Looking for input on a subnet routing, issue I am having. 

So I have let’s say for argument I have two zones, Trust and Untrust. 

Interfaces

Int 1/1 - Untrust Internet 192.168.0.1

Int 1/2 - Trust 10.8.1.20

Int 1/3 - Trust 10.26.96.1

I have a vi

Help with network design

So my network consists of a PA200, a Juniper SRX, 2 servers, a VOIP phone, and a WAP. 

I recently configured the PA-200 with 3 subinterfaces for the 172.16.2.1/24, 172.16.3.1/24, and 172.16.4.1/24 networks. The Juniper port was configured with as a t

PBFand Default route

In our orginazation, we have dual ISP and PAN firewalls. We have configured PBF with ISP 1 and default route for ISP 2

Both ISP interfaces on Pan firewall is same zone called untrust

example :  ethernet 1/11 

                     ethernet 1/11.200 ---

How PA can replace a Proxy

Hi,

i search a easy way to see who is surfing on witch web site. where is it and how can i automatically write it to our file server oder any where else to?

So my dream is to put our proxy out of order.

the PA is connected to LDAP i can see a user but

Routing via a new internet connection

We currently route all internet traffic out through an internet connection connected to Ethernet1/4 on out firewall. I have another Internet connection that I'm going to connect to Ethernet1/6, and I want fraffic from one of my VLANs on site to route