Did you know that you can help your fellow community members by accepting solutions when a reply answers your question Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature
...
In my system logs I'm seeing the following error:
"IKE phase 1 negotiation is failed. Couldn’t find configuration for IKE phase-1 request for peer IP x.x.x.226[500]."
The bizarre thing is that the tunnel IS working despite this error!!!
The reason fo
...
Hi Folks,
We are having PAN-OS:9.1.10 installed on our environment.
We are able to login into the firewall using our admin accounts which are locally created on the firewall with authentication profile set as "None"
Suddenly we are not able to login
...
Hi, Guys. I plan to use the PA-820.
The PA-820 has only two HA ports.
I am planning to substitute the HA ports with SFP ports.
Can I use the PAN-SFP-PLUS-CU-5M with the PA-820?
The PAN-SFP-PLUS-CU-5M is cheaper than the PAN-SFP-CG, so I would like to use
Hello All,
We have a customer planning to enable IPV6 firewalling in their current data center firewalls. The firewalls are currently running in active-active HA mode. I have the below queries.
1. When I configure IPV6 address on the interfaces, is
...
we have recently renew our license of thread prevention . As application and threats are update but the antivirus is not update from Palo alto server. We downloads the AV from support portal and manually install in FW and run this command still ant
...
Configuration:
I have two /56 IPv6 prefixes, one which is used in our Bay Area office, and one which is unused. I have taken a /64 from the unused /56 prefix and assigned it for use by our office in The Netherlands. They will use DHCP to assign the a
...
Hello everyone,
I am fairly new to PaloAlto and currently we try to package the GlobalProtect App for Software Deployment
Documentation on installation was found ad https://docs.paloaltonetworks.com/content/techdocs/en_US/globalprotect/10-0/globalprote
...
Hi folks,
We have PA 7050 firewall chassis and after upgrade to version 9.1.11, we got a sync HA issue, the TAC told us that it's mandatory to configure the log card interface.
So we created a log interface to resolve the issue, the sync HA issue was
...
Hi
I am new with Cherwell Service Management.
I need to fetch change requests from Cherwell and ctasks. I humbly request if anyone could help me with it
Hi,
Wondering if someone can help me out. I've done some searching and have not come up with with much
I have a user who needs to access a few webpages on a custom port. The link for example is something like: https://custom1.config.fake:2546/info bu
...
Hello Everyone,
I have a well developed PA based network, with a single interface and many sub interfaces, trunking to my switches.
I need to change this to an aggregated interface, with all the same sub interfaces I currently have.
What options do I
We added additional URLs to an existing custom url category and on our URL filtering profile, it is set to alert. These additional URLs are completely unrelated to the connection that started to fail. And as soon as we reverted those changes things b
...
PAN-OS 8.1.2, User-ID configured with Windows AD single domain. There are security rules built, based on users/user groups. It is mostly working as intended, but specifically there's [at least] one user that has a different behavior - some user-based
...
as per RBI guideline ,one of our customer from banking sector wants to block .lockbit file type extension,but in firewall i didn't found any such extension.
OtakarKlier
on:
Restricted tcp flow throughput in a VPN tunnel
reaper
on:
password reset for user through support.paloaltonetworks.com
OtakarKlier
on:
Disable USB Port on Firewall
PavelK
on:
Web Auth FW with HA
reaper
on:
Negate Deny Rule
reaper
on:
Generated custom reports have different results
