Palo Alto Machine Certificate Report for Cert-based VPN Authentication

I am looking to enable Certificate-Based VPN Authentication within our network infrastructure. Prior to implementing this feature, I would like to to run a Palo report to identify endpoints recognized by Palo Alto that possess machine certificates is

Panorama push errors None after upgrade

We recently had this issue where after upgrading firewalls to 10.1 the panorama gave a error on push to certain firewalls with description "none" which wasn't very helpful.  On further process eliminating we discovered it was only VM FW's in AWS the

Handling of and Awareness of APP-ID shifts or new releases

I'm not sure how much it's been publicized, but there's a pretty significant improvement to how Palo is letting customers handle newly released APP-IDs or application shifts.

Thus far when new app-ids are released customers just have to accept them

Monitoring the firewall

Hello,

i would like to monitor the firewall using centreon. Unfortunately we are using the free version so we dont have access to the snmp and ssh plugins packs and we have to do everything by ourselves.

To get CPU, uptime information and so on i

Static route Path Monitoring showing down

Hi All,

I am facing an issue with the path monitor. I have created the path monitor for two static routes and the destination is the same but the stacked switch is placed in a different location. 

I am using the two different IPs used for path mo

Tunnel Monitoring

Hi Team,

I wanted to setup Tunnel Monitoring for the Dynamic IPSec tunnels. Peer end IPs are dynamic, we have around 5 to 6 VPNs that we need to monitor. I was going through the SK where it says for Tunnel monitoring, we need to have IP address confi

System Log Events

Does anyone know if there's a list of all the events that get logged to the firewall System Log?  If so, could you please point me to it?

The Administrators Guide refers to this list however, I cannot find it.

Kind regards,
Jeff

IPSec Phase 1 tunnel not connecting

Hello Everyone,

Need your support to fix a FW to FW PA IPSec Phase 1 tunnel not connecting.

I have checked the setting with the vendor and configuration is same at both the ends.

Below are the debug logs from PA

2023-11-30 14:30:40.000 +0400

Required PAN-OS 8.1.25-h1 for PA 3060

Hi,

As per the advisory https://live.paloaltonetworks.com/t5/customer-advisories/emergency-update-required-pan-os-root-and-default-certificate/ta-p/564672 customer need to upgrade the PA 3060 from version 8.1.15 to 8.1.25-h1 or greater but i'm unab