bgp troubleshooting

Hi I'm having issues with bgp routes not propagating I know that I can click on view routes under the virtual router section, but was wondering if I could see the bgp errors in syslog, doesn't seem like I know the search string if that is possible, o

PA default interface state

Hello community 

I've been searching but couldn't find an answer so:

What is the default interface state (out of the box firewall)? Is it forwarding L2 packets? Can I create a L2 loop by connecting two interfaces between FW & a switch?

Cisco BGP neighbor x.x.x.x local-as yyyy feature on Palo Alto

Hi,

Does Palo Alto support Cisco BGP neighbor x.x.x.x local-as yyyy feature? or there is any way to achieve the same (Palo Alto FW has a local ASN, but it uses another local ASN just for a specific neighbor)

Thanks!

PANOS 10.x - share interface in Multi-vSYS mode

Hello All,

We are working on a design to move Cisco ASAs firewalls into PA 5260 with Multi-vSys mode enabled, so each Cisco ASA is a separate vSys. 

While everything else looks like nice and easy-to-convert, we have problems with shared interface. In

Problem reaching MGMT by vpn

Hello

A few days ago we upgraded from version 9.0.10 to 9.0.14, after that we lost the management from the VPN S2S, everything is fine , however, in the connections we see that there is no response from the Firewall to our queries. In the monitor we o

Replace firewall order

I have a question about upgrading a firewall to new model.  I've done it in the past but always seem to forget the order.

I have a firewall that is managed by Panorama, with some local policies also.  I have downloaded the device state from the exist

Disk-Space issue

Hi Team,

We are using PA-3020 and the disk space is usually used upto 95% and we have enabled agressive cleaning as well as we do manual cleaning once a week where the disk-space utilisation is below 95% and in a week it gets utilised upto 95%.we need

HTTP2 allowed without strip alpn enable

Dear Team One of my customers wants  HTTP2 benefits with decryption enable.

The customer don't want to enable the strip ALPN because it Downgrades to HTTP1.1 

Can we do decryption with HTTP2 Downgrade with decryption? 

Logged in Admins _cliuser normal?

Hi there,

Today I accidentally discovered the user _cliuser in the widget Logged in Admins on the dashboard of our Palo Alto Firewall.

After a few seconds it was gone.
Unfortunately, I didn't find anything through the search, and seeing this for the f

Layer 2 tunnel on a Palo alto

Can you create a layer 2 tunnel on a palo alto 3050? Is a layer 3 tunnel better than a layer 2 tunnel? Is a layer 2 tunnel more of a private or direction connection than a layer 3?

Experience/feedback with VLAN insertion design for East-West traffic segregation

Experience/feedback with VLAN insertion design for East-West traffic segregation

We are planning to leverage the VLAN insertion design for achieving micro segmentation in out OT network. 

just thought of checking within the Live community team for an

routed interfaces in vsys1 and virtual wire config in vsys2 possible ?

Hi all,

I've not found a conclusive answer in the config guide - although it stands to reason to assume the answer is "yes".

In a multi vsys environment can I have a regular deployment in vsys1 (i.e. routed interfaces acting as DGW for my secured vlan

Cisco Webex Calling - One way calling

Does anyone utilize Cisco Webex Calling with a Palo Alto firewall? We run Webex calling and ever since we switched to the palo alto, calls sometimes will only go in one direction (you can hear them, they cant hear you) or no way (either sides cant he