Policy optimizer on firewall or Panorama - can we automate or send reports on monthly basis to an email address?

I am looking to automatically send reports of unused rules (90,60,30 days...) to an email address, is there a way to do that?

Layer 3 Ethernet Interface vs Layer 3 VLAN interface

Trying to really understand the difference here. I have never made a Layer 3 VLAN interface using the VLAN tab on "interfaces".

When I make a layer 3 interface I use Ethernet Layer 3 interface that connects downstream to a switch. From what I can t

Firewall PA doesn't process network traffic.

Hi everyone! First, sorry 'cause my English is not good.

My issue don't let me sleep. My firewall (PA-3410 v11.0.0-h1) doesn't process traffic, I can't do ping at other interface than MGMT. The Monitor is clear!.

The only thing I have observed is th

Can we configure a VPN gateway for cisco anyconnect ?

Can we configure a VPN gateway for cisco anyconnect via Paloalto FW ?

GlobalProtect windows negating/disabling RSA Authentication

We use RSA's MFA Agent for Windows authentication.  When we install or update GlobalProtect, it disables the MFA Agent at Windows login until we connect at least once via the VPN.  It appears it is adding itself as an authentication provider into the

Zone to zone interaction PBF

Hi All,

i have some doubts ....

1.i have three zone TRUST,DMZ,UNTRUST. 

2.there is a nat policy from TRUST zone, DMZ zone to untrust 

3.all interface is under same VR .and there i haven't add any static route yet. instead i create a PBF rule from bot

VRF lite two different set

I want to use two Virtual Router

VRF router-28 and VRF router-128

WRF-Router-28 for wan, inside DMz 

Second-Router-128 WAN, INSIDE and DMZ

Separation port connection for two set of DMZ, WAN and inside

this all allow for PA-440?  

I'm trying to use as

Error 503: Service Unavailable

Hello!

I am configuring  an ha cluster Fw 440.Firmware 10.1.3

When i push "commit" i lost gui access.

I can ping andaccessvia ssh to fw.

I recover the gui access via cli:request restart system.

I have updatefirmware to 10.1.11-h5 but i happen the

Cannot Create Account on CSP

Hi, we've received our PA-445 but cannot create a Customer Support Portal account for it.  After entering the serial number and sales order number I receive the following error:

Unable to create user account, request matches multiple Support Accoun

Right way of moving cable

Please find the exsisting set-up:

Juniper switch---ospf--->Palo-Alto firewall------------tunnel-----> External 3rd party Cisco Router

We are planning to change the Juniper switch to Cisco switch and make the configuration as below:

Cisco switch---o

Looking for Lab

I"m looking for a full lab access and I can't find for Palo alot

PA410 Version: 10.2.7-h3 does not send logs to Panorama

Hi team, 

I got a question , after upgrading Panorama to 10.2.7-h3 the logs stopped to be reflected on. (PA-410 to Panorama) ( from PA-3250 to Panorma is working properly). So , I proceed doing the following :

1. We proceeded with the workaround

Bug Search Tool

Hi all,

I've created a tool, that you might find helpful.

It can be tedious to search for specific bugs, or when a bug have been addressed. This tool gathers all known and addressed issues from all (not EoL) releases and makes it easier to filter