To all, Just wanted to post a message about the Hot Topic right now, which is Covid-19. With all of this going around, everybody's health and safely is the utmost concern. Keeping your hands clean, washing your hands (A LOT), using hand sanitizers, a...
Hello, I'm doing an active/passive set up with BGP. I will have a router to a the active FW. I will have different router to the passive FW. The second FW will only have BGP peers up when the active FW fails. I am going to have VLANS for the HA 1 and...
I'm trying to figure out how to get traffic from my internal network to my GP VPN clients. At the moment I can't even ping the remote users. They can access all corporate resources without issue I just can't seem to get any traffic out to them. It se...
Hi all - if I have a user account that is submitting changes via the CLI, is there a way to see all the changes made by a certain user? Also, is there a way to commit changes for a certain user only? The only "commit" operation I see from the CLI is ...
Recently we faced an issue with one of the firewalls so we thought to replace with a spare one. we took the device state backup and imported it into the Spared firewall. It was running the same OS and same hardware. But It was NOT factory reset, it h...
Hi,How do I remove diffie-hellman-group1-sha1 from SSH on mgmt port? I've removed the CBC ciphers, but my vulnerability scanner is still showing that diffie-hellman-group1-sha1 is still available for SSH. I'd also like to know how I enforce SSH serve...
We are moving to Office 365 and standardizing on UPN for identification. This required that we create a new UPN suffix for our AD domain. We decided to have our UPN match our email address format. Below are samples of each attribute format: FQDN for ...
Hello to All, From time to time the ICMP fails for the management connection between two firewalls model 7000 with 8.1.x version. The issue causes a failover but the 7000 firewalls have dedicated interfaces for HA and the management should be used on...
Hello,We use centreon as monitoring tool and I get the next alert from palo alto devices PALO ALTO NETWORKS CONTENT VALIDATION CHECK SKIPPED BY USER 'CENTREON USER' FOR [CONTENT VERSION]" I found the next documentation about thishttps://knowledgebase...
To enable the disk A ,we have run the below commandrequest system raid add A1and after 5 min run below command :request system raid add A2 But disk is not enabled. Status is stuck at 0% since last 6 hours. How we can resolve this issue ?
Hello, Clients who are connected via GlobalProtect VPN are experiencing slowness with all their traffic traversing the VPN (ie.. Internet and Server access traffic).The latency is between 200-400ms for all the traffic regardless of whether its Intern...
I have a working GlobalProtect setup right now using a single Portal on the district firewall, and a single Gateway on the firewall for the location I want to have access to. Currently, these are using dedicated public IPs that are not used for anyth...
We recently had a failover event during a normal upgrade of the firewall (10.0.1 -> 10.0.4). The LACP aggregate interface on the Cisco switch / Firewall did not come up during this time, which resulted in a longer than expected outage. Powered down f...
Dear Team, I have two interfaces configured in my panorama:1-management interface2 -ethernet1/1. for software and dynamic updates by default, my traffic is going via management interface. I want to change the service route through ethernet1/1 but I a...
Hello everyone, I spent a year working directly with Palo Alto firewall and I would like to get some certifications, but all video content I find is purely in English and I still don't have a command of the language. Did they have any text material t...
Hi All, I have a guest wifi vlan 10.25.x.x that needs to be routed out to a second ISP. AP-->WLC--Palo Alto FW-->MPLS/VPLS-Router-->L3Switch-->ISP The vlan will each have a sub-interface and gateway 10.25.x.1 assigned on firewall in its own guest zon...
on:
Error while creating a user
on:
problem with userIDAgent in RDP
on:
HA malfunctioned due to data plane down
on:
Using PowerAlto to create PA address and PA address group
