Fortigate Cloud Firewall running on FortiOS Version 5. Is this supported by Palo Alto ?

Hello All,

We would like to know whether the Fortigate Cloud Firewall running on FortiOS Version 5 is supported by PA for IPsec VPN as we are getting below error and tunnel is not coming up.

2015-03-17 10:53:28 [DEBUG]: vendorid.c:274:check_vendorid():

IP region assignment

PA 500 running PANOS 6.1.2

We have regional blocks in place that block inbound traffic originating from non-US IP's. However, we have discovered a bit of a dilemma.

We have found that an IP such as 137.135.135.1 originates from Ireland and geomaps as s

Downgrade PAN-OS-6 back to PAN-OS-5??

Per this discussion:PA-2000/4000 trade-in I am also caught in the same boat. From what I recall PAN-OS-5 worked ok on the PA-2020's.  Because of all the issues I am experiencing with OS 6 and the inferior product, I am wondering if anyone had success

TRACKING static route

Hello All,

I have the below queries.

1) How configure 'TRACK' in Static Route (want to monitor the Gateway, As soon as current Gateway is fail immediately traffic will move to another Gateway)
2) How to configure multiple Peer Gateway in a single IPSEC

Mail attachment virus scanning

How can I implement proper mail attachment virus scanning ?

For incoming mail, I have an antivirus security profile in place that should block virusses (smtp decoder), nothing fancy really:

I notice that the PA doesn't filter attached virusses too well

Wildfire Action doubt

Hello,

We do not have license wildfire in some of our devices.

Do you know if wildfire action (Antivirus Profile) would function without this license?

Regards,

dicu

Inspection of 'http-proxy' traffic

My instinct when I read my own title is to tell me to block the app-id type http-proxy as I can't see inside it and it shouldn't be on my network.

However, I have a requirement, mostly due to legacy infrastructure, where all the traffic passing throug

Can Palo Alto be used as a reverse proxy?

We have this scenario that Palo Alto will receive the inbound mail then will be pass to the PMX server(pure message) going to the exchange server. After going to the exchange server, it must be forwarded to the FW but the problem is that the Core Swi

SANS Institute - PAN Firewall Security Configuration Best Practice

Just wanted to let you know

https://www.sans.org/reading-room/whitepapers/auditing/palo-alto-firewall-security-configuration-benchmark-35777

Certificate failed to load

Hi all,

We have two PA-4060 in active/passive mode with PAN-OS 4.1.12 (I know, old..).

Yesterday, after rebooting passive device auto commit failed with:

Error: Certificate 'XYZ' failed to load: failed to parse key

and device went to not-ready state.

Afte