VPN Site to Site configuration between two PAs

Hi,

I've been trying to get clients on the end of two different Palo Altos to be able to ping each other. Everything is green but the IPsec Tunnel doesnt seem to be working. Using tracert, traffic from a client first hops to the LAN Port and then to t

Doubt regarding fullbackups firewalls managed from PANORAMA

Hello friends, good evening. I am new to administering Panorama and therefore firewalls through the Panorama console and I have some doubts, mainly with backups, which I hope you can help and support me.

Understanding that example I have a firewall m

Howto delete sub-interace from cli

Hi,

I`m trying to delete a sub-interface from CLI but cant seem to find the correct command, i managed to remove the IP address and tag but not the entire sub-interface.

admin@PA-200# delete network interface ethernet ethernet1/4 layer3 units ethernet1

Receiving false positive alert for AWS config recording is disabled in Prisma cloud

We tried with the mentioned steps and enabled the recording following below recommendation:

User-id agent timeout integration with dhcp lease timeout

Hi all,

let's suppose these conditions:

- interface with dhcp enabled, 24 hours lease timeout, ip range (for example) 192.168.3.0/24

- user-id agent enabled with 45 minutes timeout

- virtual machine environment with non persistent vm, so when a machine

Panorama commit to template error after enabling device and network template

Hello everyone,

i have faced a problem when creating a group mapping to get Active directory users from ldap to policies , it didn't works. and after some reseach i've found that i should enable device and network template option in device panorma set

Desktop Office apps unable to see Microsoft O365 people or resources

Hi,

Have two separate issues, but think they are connected by lack of firewall rule somewhere, cannot locate what I am missing thou..

Issue1:

When I try to use SHARE button inside desktop version of Word/Excel/PPoint to share document, cannot see anyone

Palo alto subscription

Hi,

If palo alto subscription expired , does it limit the bandwidth of the interfaces ? 

Thanks

url category with wildcard

I have to create a url category which is would allow anything coming from url

x.y.z.com/api-*

every time i try to create that custom url category i get the following error

"Consecutive asterisks (*) in a URL wildcard pattern can severely impact perfo

site to site vpn. IKEv2 and fragmentation?

When configuring a site to site IPSEC tunnel, i see that the IKE gateway can be set to allow packet fragmentation or not (DF bit) when using IKEv1. However the option isn't present for IKEv2. Other vendors, such as Cisco, allow the DF bit to be set f

Our Palo Alto HA break connections in every 24 hours

I have noticed my primary Palo Alto 820 HA heartbeat gets disconnected every day at 9 a.m. This causes a 5-minute network outage every morning. suggest what could be the cause.