Static Routes for Subinterface

I have a question about static routes for subinterfaces for my ethernet1/2 interface, I currently have static routes for interface ethernet1/2 to access some remote servers, but many of my subinterfaces of ethernet1/2 also need the ability to access

How to import certificate with same subject and issuer field which is not marked as CA

When I try to import such certificate I get "Only self signed CA cert can have identical sub and issuer fields" error.

The certificate is not from CA server so I don't have "Back up CA" option as described here:

https://knowledgebase.paloaltonetwor

PDF Report outlook missing attachment

Hi, my firewall is set to send PDF reports daily, attachments are usually not visible when receiving emails using Outlook.

Studying the source code of this email found that Outlook can display attachments normally as long as the = string is removed

"Introduction to Cortex XSOAR" and "IT Administrator Training" Assessments - Redo

I couldn't find a way to post a support ticket so I'm going through this section first. If you have any solutions to send an official support ticket, please let me know.

Besides that, the base problem I am having is I cannot retake both "Introducti

Machine Learning engine for PE stopped, please update your content

Hello,

we have been registering this message on our Palo Alto Firewall in the system log since 9:20 p.m. Central European Time.

Does anybody else have this?

Thank you.

Best regards.

Service route for Destination

Have 2 radius servers, 1 is used for admin login and is accessible only via the management interface, and another radius server is used for global protect authentication and is accessible via another production port.

Tried to configure custom servi

HA state on PA-450 devices "unknown" after masterkey change

Hello all,

I am facing an issue with deploying master key in PA-450 firewalls (HA – active/active), I replaced 2 PA 850’s with two PA 450, also in HA.

 After Changing the masterkey was tested on the PA-850s prior to being performed on the PA-450s thr

Palo alto Lab environment

Hi All,

I am hoping to build a lab environment to fully learn the palo alto firewall and I wanted some recommendations on the most cost effective way to achieve this. I already have some physical cisco gear (switches, routers) however I'm not again

Active Active VIP ping inconsistent

Hello All,

i have 2 Firewalls configured in HA Active Active.

I have a L3 sub interface created on each firewall and a vitual address configured as IP-Modulo arp-load-sharing.

ex:

FW1 (primary): 192.168.0.2/24

FW2 (secondary): 192.168.0.3/24

Virtua

GSuite apps not decrypted when using Chrome

I have seen some older posts with no updates on this very subject so I thought I would start a new thread.  I am testing SSL decryption from a couple of workstations and have almost all of the traffic being successfully decrypted.  We are a Google su

Configuration / Rule Set Scheduled Export for SOC2 / ISO27001 Audits?

I'm looking for experiences and suggestions.

We're subject to SOC2 / ISO27001 audits, where the auditors want to know what has been changed in a firewall configuration or rule set. Specifically things like "what rules were added, changed, or deleted

Block HTTP/HTTPS access via IP

Hello.

I would like to block access to my site (http/https) when it is made via IP.

I want to only allow access made by name.

Ex.: www.mysite.com <=> 1.2.3.4

https://1.2.3.4 => deny

https://www.mysite.com => allow

Is that possible with Pal