Resolved! LACP interface ethernet1/24 moved out of AE-group ae1

Hi Guys,

We are getting "LACP interface ethernet1/24 moved out of AE-group ae1" through syslog (emailed) multiple times in a day on PA 3410 running on PAN OS 10.2.3 in HA active/passive. The switch in use is Aruba 8320

Interesting the same msg is rec

Resolved! Palo Alto Layer 2 bridging

Any idea on when or if PAN is going to produce the functionality to do layer 2 bridging (example, traffic on vlan 300 would be directed to vlan 3000...etc? Right now the function only seems to be possible when in conjunction with a physical interface

Resolved! Palo Alto BGP routes from Azure

Palo 5220 running at the edge, using VPN tunnel to Azure virtual WAN running eBGP. Palo iBGP peered to switches, switches peered eBGP to Azure Express Route. My issue is VPN route is always installed in route table rather than express route, I assume

Resolved! New Panorama deployment - templates question

We have a new Panorama deployment.  We are deploying the first pair of PA440 HA pair.  The question I have is around templates and template stacks.  Do we create individual template-stack for each and every site that we will deploy Palo Alto firewall

Resolved! Virtual router not getting attached

2 Azure VMs managed from same panorama template. Adding a loopback interface and IP but virtual router getting attached to only in 1 VM. They are not in HA and are separate firewalls.

It won't even let delete it on this firewall. getting message be

Resolved! System logs view option missing

Hi,

We have recently upgraded all our PA firewalls from 4.1.7 to 4.1.9. I no more see the system logs option. It used to be available earlier. I see the recent system logs on the Dashboard. How do I see system logs?

Resolved! Auto Commit Fails and prevents 10.2.0 Installation on ESXI 6.5

Hi Guys,

Auto Commit Fails and prevents 10.2.0 Installation (upgrade from 10.1.x) on ESXI 6.5 on Active-Active FW where as the peer (on Active-Passive) had no issue.

My question is, as per https://docs.paloaltonetworks.com/compatibility-matrix/vm-ser

Resolved! QoS cleartext match issue

We have setup similar to as below

I created/applied default QoS profiles on AE1 and AE5. However in order to be more granular I want to apply on individual subnets.

As in this example we want to use separate QoS profile for 10.129.0.0/16 subnet for

Resolved! Automate adding certificate to TS agent

Hello, I am trying to automate the configuration of the certificate part of the ts agent . My problem is to automate adding the certificate private key password in the ts agent.

I have the certificate part filled in with registry keys but i have thi