After firewall upgradation to 10.2.1 packets are dropping and outage

After firewall upgradation to 10.2.1 packets are dropping and outage

SSL Decryption Exception - Password Managers

Has anyone setup an SSL Decryption exclusion list for Password Managers (i.e. BitWarden, LastPass, 1Password, etc)?

If so are there any tips or resources you could point to.

Palo Alto BGP: Conditional Advertising

Dear All,

Recently we have been migrating to a non-trivial BGP setup, and I have had to experiment with the conditional advertising BGP feature in Palo Alto. I was familiar with this concept from cisco, but alas I still found the documentation availab

HA Active/Standby HA-1 and HA-2 Ip addressing

The training videos say

HA1 1.1.1.1 <-> 1.1.1.2

HA2 2.2.2.1 <-> 2.2.2.2

do there addresses ever get place in the Routing table , RIB, VRF or Vwire?

I wish to avoid any issue where  people cannot route to cloudflare 1.1.1.1 or other conflicting

Policy Based Forwarding is not working for Secondary ISP

We recently added a new Internet link to our PA-3020. We want only one server (10.1.12.130) to use it, so we configured the new internet link interface as layer-3 , assigned it a static IP, created a PBF policy that basically specifies the zone (i

Data Filtiring logs not Show on GUI

I got a problem with showing logs. In past I got problems with threat and data filtering logs, they are simply not showing on the monitor tab.

I clean some space from the disc and upgrade pan-os to next version, threat logs start working, but still n

Panorama Log Retention Command

Hi,

I am running the command to show the Panorama log retention details on a Panorama M-500 'show system logdb-quota'

This doesn't show me the retention of traffic, threat logs etc:

user@PAN-PRI(primary-active)> show system logdb-quota

Quotas:
s

Threat Map Clarificatiion

Are these threats that show up on the map active or stopped attacks?  Is there any logs of what exactly happened?

VPN IPSec con 2 IP de destino diferentes, igual dominio de cifrado

Hola,

Alguien sabe como puedo configurar una VPN IPSec con 2 IPs de destino diferentes y con dominio de cifrado igual, que cuando una de las VPN IPSec deje de funcionar la otra se active ?, es decir que una de las VPN IPSec estará en espera.

Dipp nat pool duration time

Dear Team,

Any documentation or information regarding dipp nat pool duration time?

I would like to know how much the previously allocated IP:Port is maintained.

If anyone knows about this information, I would appreciate it if you could share it

Delete MAC global protect agent from GP Portal

Hi,

Is it possible to delete to dowload the GP Agent for MAC from GP portal????

We only want client for Windows in GP portal

thanks