Active/Active failover triggers for multiple Vwire?

Hello,

I've been looking for some time docs which closely describe PA Active/Active setup for only Vwire interface mode (multiple defined Vwire's), especially failover triggers like a link or path monitoring, but no luck. I decided to start with th

GlobalProtect stops to connect

Hi all,
GlobalProtect stopped to connect to server. 
So it works before ( I did not install any new software, firewals, proxies, .... etc) It contiue work under VirtualBox machine, so it is not a problem of my internet provider, but it stops to connect

BGP AS-Path allow

Hi All,

I suspect the answer to this is in the Advanced Routing in PanOS 10.

We have configured a new system as Active-Active and BGP. The firewalls are in different DCs, the DMZ side of the firewall can talk to routers in both DCs but only its l

Allow traffic other than IPSec

Hi all,

Site A

Source Zone: test-DMZ

Interface: ae 1 (172.16.1.1)

Tunnel Interface is in internal-trust zone.

Static route set to destination 10.10.10.1

I have an IPsec tunnel between 2 sites. 

However, i want to allow traffic from other sources

How to whitelist specific URL with path included.

I want to whitelist a specific URL with path. Eg: https://live.paloaltonetworks.com/t5/forums/postpage/board-id/members_discuss

I tried adding it the same as it is in URL category and created the following rule:

Source: Ip of source

Destination: ANY

Active-Active Firewall - BGP failure condition

Hi All,

How can I instigate a firewall failover for an Active-Active firewall if BGP fails? I feel I need a full failover but please tell me if I am wrong.

Here is the situation: Firewall in Active-Active mode, HA1,2 and 3 up. BGP peering on outs

Unable to Login After Factory Reset

Hello Community,

I have just carried out a factory reset. However, now I'm not able login with the admin-admin login/password. 

I'm presented with the prompt:

PA-HDF login: 

I read I should wait for the prompt:

PA-500 login:

However, the

reset qos application statistics

Hi all,

I was wandering if there's a way, under network -> qos ->statistics, to reset the application list of an interface.

These list are never refresched and contain applications that are no more seen. So I really would like a fresh start in or

DNS security license

French Arab milf an*l f*cked - https://livesex.run
Pegging bisexual cuckold and shemale - https://sexcam.red
Closeup titf*ck and bl*wjob - https://livesexcams.work

NAT without braking current IPSec

Hi All, 

Need some help regarding my dilemma.

IPsec tunnel between Site A and Site B.

Static route for this tunnel is setup to forward traffic to only on subnet (10.100.x.x).

I am working on updating patches on server that is under Site A.

I need a

PCI DSS 3.2.1 Responsibility Matrix for SaaS Services

I've been looking for any details from Palo Alto regarding the responsibility of controls for PCI 3.2.1 when it comes to SaaS and PaaS offerings such as Prisma Access, Wildfire, XSOAR, XDR, etc.  Most service providers will publish a 'responsibility

PA-220 maximum PAN-OS version

Hi All,

May i know what is the maximum version of PAN-OS supported by PA-220.

I am migrating PA-500 to PA-220 can i just import the config snapshot directly from PA-550(PAN-OS: 8.1.18) to PA-220(PAN-OS: 9.1.0)?

Please suggest. If there is any link wh

Panorama - Administrators user - Required Password Change Period (days) - Pan-OS 9.1.14

Panorama - Administrators user - Required Password Change Period (days) - Pan-OS 9.1.14

Good afternoon, Thank you for your collaboration and your time

I am doing some tests in relation to Minimum Password Complexity -Enabled, mainly to force the