Migration from Checkpoint R81.10 to PaloAlto

Hi Team,

We need to migrate a cluster Checkpoint firewall to PaloAlto. We do not have any Zones configured in Checkpoint, but Palo should have Zones as it is zone based firewalls. May i know what is the best way to migrate? Any KB or guide that can g

Ignite On Tour Stockholm, Sept 19th 2023

Wish to participate as an interested cyber security network technician but in private. How to do?

Reason is that I am still on aprroval my new work and do not want to affect my approval.

Best regards, Erik

Using Loopback interfaces for a site-to-site IPSEC VPN

Does anybody have experience configuring site-to-site IPSEC VPNs using loopback interfaces instead of phsical ones?  If you are going to respond with a sassy comment (e.g. Why are you doing that?  or That's dumb!) then please don't respond.  I have a

list for PAN IPSEc Error Codes?

Hi Community,

for a problem with IPSEC Tunnels I recently reviewed some ikemgr logs.

Those included some Error Codes(for example error Code 19).

I was just wondering if there exists a list with error codes and the explanation for those codes?

I searche

unable to access Palo Alto Web GUI.

Hello,

After a recent update from 8.1.20 to 9.0.0, we are not able to access the Palo Alto web GUI (hmmm.. can't reach this page)

But we are able to ssh to the device though. We are updating the firmware to the latest version but now need to figure

Power supply unit for Paloalto PA-850

Hello everyone,

I have Palo alto PA-850 at my warehouse which needs the power supply unit replacement. My colleagues says it should be DPS-500WB-2 B model but a lot of suppliers says they have DPS-500WB-1 A and it's the legal replacement. But I cou

PA VM Firewall

Hi All,

I have issues configuring eth1/2 in the VM firewall. I have configured eth1/1 as internet facing interface.

eth1/2 should be the MPLS facing interface. When checked on Vcenter the NIC is showing teh Mgmt interface IP and not the eth1/2. Tried

Log System setting

I want to set up messages to be sent to email Log Settings - Config 
I want every user who connects to the admin to receive an email no matter where the WAB or CLI or IP source comes from.

@filter builder

(severity eq informational) and (description c

DHCP Interface Stuck

Hi All,

I have a situation where the Meraki sends error saying it cannot reach the internet which is connected to the PA and then to the Service provider's NTU. The NTU is providing DHCP connection to the PA's ethernet port.

No error message is seen

IP Wildcard mask for IPv6 adresses

Greetings! I am running a VM with PA-VM-KVM-11.0.0 and wanted to test the usage of "IP Wildcard Mask" addresses in Security Policy Rules.

The addresses I want to select look like

fd00:10:244:*:2000::/80

and "IP Wildcard mask" type for addresses s

QSFP Connection between 5220 and Nexus9k QSFP interface question

Has anyone connected Nexus 9k to PA 5220 via the QSFP interface?

If so will the Cisco QSFP-H40G-CU3M 40GBASE-CR4 Passive Copper Cable work? Done research but just not 100 percent if it will work.

Thanks!

Route to IPSec Tunnel

Hi All,

I need to add a route pointing to a Tunnel interface. As the peer has dynamic IP have created the IPsec tunnel with Dynamic IP Peer Identification as its Hostname.

To Add route in the VR as we do not have IP address if i just point it to th