Palo Alto's stance on CVE-2024-3661

Does PA have a response to CVE-2024-3661 for it's GlobalProtect users?

region 'Americas' is invalid. device telemetry region 'Americas' does not match lcaas region 'europe'

Does anyone know how to change the lcaas region?

Extending VLAN through IPSEC + GRE

I am trying to extend the VLAN from main site to branch site using a combination of GRE and IPSEC.

Below is a quick representation of the architecture, the objective is to enable remote communications between the main and the branch sites for all d

VM-50 discontinued?

Hi,

We have a VM50 firewall in our business for 3yrs and have been told that the VM-50 is no longer available? As such, we need to get a VM-100 licence. Are there any other options? - since the cost is double?

Thanks

cluster

Hello, Can you form a HA cluster with a PA-3020 and PA-3060? Or do models have to be identical?

Globalprotect-Need LDAP and RADIUS auth(MFA)

I am currently using Digipass Vasco OTP as RADIUS for Globalprotect. Users just put in their LDAP username and the OTP to login.

I'm looking to add another factor i.e LDAP username and password before they get prompted for RADIUS token. Pls help me co

What is the deal with VM Panorama mode maximum log storage space?

Hello,

Documentation states that VM Panorama mode can support up to 24TB of log storage on a single virtual appliance.

Each logging disk has 2TB of storage capacity for a total maximum of 24TB on a single virtual appliance

So we add 12 virtual disks wit

TCP fast open and Palo Alto

as far as I could test there is no way to make TCP fast open work through a Palo Alto fw (at least, since  9.1 which seemed to work. It tried 10.2 and 11.2 and all my tests fail there).

Whenever a client sends a SYN packet with data, it is transmitte

10.0.10 code bug? LDAP auth server is up !!!

Since upgrading to 10.0.10, we've been getting system medium severity messages on our active firewalls that "LDAP auth server xxxx.xxx.xxx is up !!!".  We never receive a down message though.  We're not experiencing any issues with LDAP which makes m

Client routed requesting last config in the middle of a commit/validate

i am getting following error while committing config to vm-50

Client routed requesting last config in the middle of a commit/validate. Aborting current commit/validate.
Commit failed

Whatsapp traffic cannot recognize in PA for iPhone user.

Recently iPhone users only facing in WhatsApp "connecting" message, User could not send a message and make a call 

on corporate wireless network But, working in mobile network.
It was working before, day by day users facing this issue is increasing.

SysLog setup not working

Hi,

I am using PA-2050, with PAN OS 4.1.3.

From few days I am trying to configure the syslog to be sent to a central logging system. I followed every possible documentation, but I am not getting any syslogs coming to the syslog server.  I tried on sys

GlobalProtect Split DNS configuration

I'm looking to configure split tunneling and DNS in the following way:

If the DNS request is from a defined list, send the query to the tunnel DNS servers, if not, send through local adapter DNS. If the resulting reply contains an IP in the defined

Palo alto GUI is crashing on chrome browser 125.0.6422.0

I am experiencing an issue where palo alto GUI is crashing on chrome version 125.0.6422.0 when you click on monitoring . This issue noticed in panorama and NGFW with different versions.other chrome version it works fine