Failed to renew device certificate

Hi

the device certificate is going to expire end of march.

My PA trys to renew it and comes up with the following error:

Failed to renew device certificate.Failed to send request to CSP server.Error: No OCSP response received(dest => 35.238.43.180)

I h

Tacacs+ Cisco ISE config

Does anyone know how to configure the cisco ISE side? We can use tacacs now to access the gui but only local usernames and passwords work when trying to access the CLI using SSH. Does anyone have a complete cisco ISE setup? I found a guide to set up ...

PAN-OS 8.0 HA A/S Cluster MAC Flapping

Is anyone else experiencing MAC Flapping with an A/S Cluster running PAN-OS 8.0?

When one of the firewalls is rebooted and goes into the HA passive state the network detects a network loop because of MAC address flapping between the Active and Passiv

Firewall default trusted certificates status in CLI

Hi Team,

I want to know if there is a way to monitor the firewall default trusted certificates status in CLI?

ISP Configuration in case of TATA (Unmanaged ILL)

ISP Configuration in case of TATA (Useful for Indian Customers willing to configure an unmanaged TATA ILL)

** This is useful in case you are not provided with a MUX or a ROUTER along with the Internet Link form the ISP**

If you are a customer willing

dc firewall Management interface

Hi,

Where should I connect in terms of security and management if I need to connect to the oob management interface? I have access layer, collapsed core, and server farm switches.

Thanks

Two ISP Connection with some of my inside network going out one of the two

Greetings,

Looking for some assistance in a scenario below; keep in mind I do not have or wish to have SD-WAN 

1. ISP1 services the inside and outside connections

2. ISP2 acts as a vpn portal for extenal staff to connect to the inside and route to

Can you setup a S2S VPN behind your Outside (untrusted) interface on same firewall?

Hi
I am using a pair of PA-3250 in HA and have 17 S2S VPNs using my outside interface that has /24 public IP assigned to it. Due to ongoing issues with our current internet, we have decided to move to a different internet platform (DIA) and enhance ou

Upgrading PAN-OS active/passive question

I have 2 firewalls in active/passive mode. Am I able to upgrade one of the PAN's and leave the other in standby or passive mode for a few days while I ensure there are no issues before upgrading the second PAN? It is a jump bigger than 2 versions so

Global Protect

Entered the credentials, got the push. Gp is showing connecting and after 2 sec showing not connected and minimizes the agent. Exactly after 5 sec agent pops up.. Started spinning and gets connected.(Without asking for credential and push mfa)

Versio

OOM-Killer on 8.1 Trail (PA-5050 device)

Hi,

i know this is about old software on old hardware, but both are still supported by Palo Alto. In the last months we get a heavy amount of OOM Message / Stack Traces / you name it.

Actually we arent able to push new config changes from Panorama

Can Applications be filtered in some way in Cortex XDR report?

Hello all! I hope your day is going well!

I wanted to know if Cortex XDR has the availability to filter applications in a report?

What my goal is : For example I have 20 systems. Is there any way that I can put a filter on them, to see what Application