Panorama Policy Push Failed

Hi Team,

I am unable to push policy from Panorama to one of the firewalls. Getting the Commit Failed due to below reason.

. ssl vpn cert file (CERT_GW) processing failed
. (Module: rasmgr)
. global-protect-gateway tunnel interface (tunnel.1) in vsys

Upgrade Path from v10.1.10-h2 to 10.2.7

Hello Fellows,

What can be the best path to upgrade from v10.1.10-h2 to 10.2.7?

Can we do it directly ?

We have Stand alone 220s and 2 HA pairs of 5220.

Thank you

Regards

Hina

CPE for the Conferences or Summits

Hello,

Can anyone help me how to check how many ISC2 CPEs are provided from Palo for the Summit and Conferences (like one we have recently in London Threat Management MicroSummit on 5th Dec-2023?

Thank you

Regards

Hina

Failed to Fetch the Device Certificate

Hi Team,

I facing the issue to install the device certificate. I have generated the OTP in CSP. and installed it in the panorama-managed firewall. but we are getting the below error ' Failed to fetch the device certificate.TPM public key match fail

Packet buffer protection - PA5220 vs PA5410

I've recently upgraded my firewall from a PA-5220 pair to a PA-5410 pair. The firewalls were on the same PanOS version (10.2.4-h2) and with the same configuration. This was the original configuration for PBP at the upgrade time:
The 5220 wasn't loggin

Dual ISP failover - stuck UDP sessions

Hi, I've configured Dual ISP failover using a PBF and everything seems to failover from ISP1 to ISP2  just fine. My issue is after we have failed over to ISP2 and ISP1 comes back online, not all traffic flips back to ISP1. 

UDP sessions for devices t

GobalProtect setup accross multiple standalone FWs in Azure

Hi All,

current setup more or less..

                                      |---PAN FW1---|

internet -->--- Ext LB----                         ---Int LB--------Azure Env

                                      |---PAN FW2---|

PAN FW1 and PAN FW2 a

Export/import tool using set commands

"Hello to the Palo Alto Networks community,

After conducting research on the tasks of exporting and importing configuration file in PA-VM version 10, I've learned that using file transfer protocols like TFTP and SCP allows for the export and import o

PA-3220 after upgrade into 10.2.6

Experience applications flow issue, most of the sessions incomplete (i deleted all active sessions with no resolution), reboot, fail-over several times, no luck. I opened a ticket with Tech support for advance packet flow process analysis no resoluti

DH group 15 not supported in phase 1 with IKE v1?

I need to migrate an old firewall to a PA-440 and came across an ancient IPsec where they have used DH group 15 for both phase 1 and 2. According to the docs for PanOS 10.2 DH 15 is now supported but the 440 whines about DH15 in phase 1 as I use IKE

PanOS 11.1.0 Upgrade - Panorama Refuses to Commit or Push on a Multi-VSYS System

Hey Team,

Has anyone encountered any problems performing the PanOS 11.1.0 Upgrade? I've encountered the following issue after an upgrade, where PanOS (Panorama) would not commit changes, much less push them to our devices. The configd.log file shows t

Palo Alto Authentication Failed Error Code : -1 after successful MFA SSO

Hi Team,

Getting Authentication Failed Error Code : -1 after successful MFA SSO. 

It actually takes the UN and PW, also was able to authenticate with my yubikey, but then it gives this error message.

Any fix to this please?

not able to open support case

Hi,

When I try to open support case error message coming up saying "Problem Category is missing".

Although I select the product as PAN-OS while creating the case.

BR,

Alaa