Upgrade 5.0 to 6.1

Firewall device has two disk partitions:

Partition 1 => 5.0.X

Partition 2 => 5.0.Y (current active version)

When you install now 6.0.X, it will overwrite 5.0.X

So after reboot Partition 1 will be active. Then you install the next update to 6.1.X, this wi

Configuring Prelogon for GlobalProtect

I'm having a heck of a time getting prelogon working for global protect.  I have spoke with both Palo Alto support, as well as a vendor that is a Palo Alto partner.  Neither were really able to answer my questions.

Here is what I have today.  Two Palo

Change HA from A/A to A/P - techniques and known issues?

I have two PA-500's in Active/Active.

We do not need to have them in A/A (in hindsight, it was a mistake) because we do not use asynchronous routing or meet the other typical A/A criteria. I think we are paying for that mistake, as you'll read below.

W

How can I see the session information (interface and ip details) of dropped packets because of ip spoof protection?

thanks,

Emma

Error: Certificate failed to load: invalid certificate chain

Hi there,

I generated a CSR with PAN-OS 6.1.3 and submitted it to our Microsoft AD CA with subordinate CA template. After uploading the certificate it shows up under the root CA certificate of our domain. But when commiting the changes I get an "Error

How to forward traffic (URL) to a syslog server?

The $misc variable can only be used for Threats?

How to register the URL in syslog server?

CEF Key Name: request

Full Name: requestURL

Data Type: string

Length: 1024

Meaning: URL or filename for threat logs

Palo Alto Networks Value Field: $misc

from PANOS_6

preemption loop detected

Hi,

I have two PAN 500 in HA A/P configuration with PAN OS 6.1.3 and virtual wire configured with link detection failure ANY. I tested link failure detection in way to disconnect one side of Vwire and passive device takes over and became active. After

HA A/A or A/P

Hello All,

I have such situation where considering in which mode to put HA PA configuration. As you can see on drawing, customer consider to put PAN in sandwich of VRRP cluster and vLAG virtual switch. VRRP has one virtual IP and MAC, and all destined

Global Protect LDAP Child Domains

Has anyone setup Global Protect with LDAP for Child Domain or have a link to a doc on it?

Global Protect works perfect for users in the parent domain. Want authenticate users in the child domain.

File blocking .doc isnt working

Hi,

We have configured a policy for File blocking in order to ask confirmation before download .doc files.

doc file: www.apd.cat/ca/media/2165.doc

This is the policy

When i try to download this .doc file, the browser stuck loading but it shows nothing, t