Palo alto 220 Disk issue

We have PA 220 at few of our site. Multiple times a day it's getting "Disk usage for / exceeds limit, 97 percent in use, cleaning filesystem" Sometime it goes to non-functional state because auto disk cleanup won't work and it will fill out 100%. I h

Outside WAN port staying red on backup PA-850 when failing over from active - services do not work

Hi All,

Having a strange issue. I have a cluster of PA-850's in HA.  Last night I failed over my active PA-850 to the standby 850.  What happened is the backup 850 became active, and the inside and DMZ ports went green, but the outside port Eth1/1

how to move palo 440 from spare to activated

I went to register my palo 440. for some reason it registered as a spare. Not sure how to undo the spare function to activate the device and apply licensing

Where I can find real live source of malware and URL's with bad reputation for testing?

Hello Guys,

I'm looking for a place where I can take real live example to perform crash test of  my FW 

I'm looking for malware samples as well as URLs

With regards

Slawek

RTCP issue for matching policy

Hi,

We are having a issue with RTCP traffic. The RTCP traffic is jumping the rule configured for this and matching the last rule (bypass).

The filter for the correct rule is application rtcp. We see that the application is identified but sometime

Error when export configuration from WebUI on Palo alto firewall

Hi everyone,

When I export configuration from WebUI ( in section Export named configuration snapshot) , Palo Alto has redirect another web with error imformation :  Error 500: Internal Server Error.

Plesse help me to fix this error.

Active/Active failover triggers for multiple Vwire?

Hello,

I've been looking for some time docs which closely describe PA Active/Active setup for only Vwire interface mode (multiple defined Vwire's), especially failover triggers like a link or path monitoring, but no luck. I decided to start with th

GlobalProtect stops to connect

Hi all,
GlobalProtect stopped to connect to server. 
So it works before ( I did not install any new software, firewals, proxies, .... etc) It contiue work under VirtualBox machine, so it is not a problem of my internet provider, but it stops to connect

BGP AS-Path allow

Hi All,

I suspect the answer to this is in the Advanced Routing in PanOS 10.

We have configured a new system as Active-Active and BGP. The firewalls are in different DCs, the DMZ side of the firewall can talk to routers in both DCs but only its l

Allow traffic other than IPSec

Hi all,

Site A

Source Zone: test-DMZ

Interface: ae 1 (172.16.1.1)

Tunnel Interface is in internal-trust zone.

Static route set to destination 10.10.10.1

I have an IPsec tunnel between 2 sites. 

However, i want to allow traffic from other sources

How to whitelist specific URL with path included.

I want to whitelist a specific URL with path. Eg: https://live.paloaltonetworks.com/t5/forums/postpage/board-id/members_discuss

I tried adding it the same as it is in URL category and created the following rule:

Source: Ip of source

Destination: ANY

Active-Active Firewall - BGP failure condition

Hi All,

How can I instigate a firewall failover for an Active-Active firewall if BGP fails? I feel I need a full failover but please tell me if I am wrong.

Here is the situation: Firewall in Active-Active mode, HA1,2 and 3 up. BGP peering on outs

Unable to Login After Factory Reset

Hello Community,

I have just carried out a factory reset. However, now I'm not able login with the admin-admin login/password. 

I'm presented with the prompt:

PA-HDF login: 

I read I should wait for the prompt:

PA-500 login:

However, the