Did you know that you can help your fellow community members by accepting solutions when a reply answers your question Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature
...
if i have 2 isps, same bandwidth, used for load balancing with ECMP do i need 1 or 2 virtual routers?
Hi guys ,
I have a lots of doubts about how to configure .1q vlan TAG / TRUNK on PALO ALTO FIREWALL.
It`s possible to work with layer 3 interface ?
I don`t found any documents here.
Does anyone have something to help me.
Nbest Regards
THiago LIma.
Hi Team,
I want to Disable weak cipher suites for SSL/TLS and SSH
my question is, are the below commands correct ?
Do I need to run below commands on Active and Passive firewalls separately ?
I am using data port as management ( I do have dedicated m
...
We are using WinRM-HTTPS protocol in the Agentless User-ID configuration, when connecting to the Domain Controller(s) firewall is using the default port as 88. Palo-Alto firewall version is 10.2.3-h4 .
Server-Monitoring shows Authentication-failed or
Hi there,
I'm looking for the correct way to build our UserID redistribution topology based on our enterprise needs.
We have 1 Panorama appliance, 4 PA3020 hosting a GP Gateway component and 50 PA3020 for remote offices.
Our only source for UserID is
...
Can I just export the configuration from the 3020 running 9.1.8 and import into the 440 firewall running 10.1.8? Do I need to downgrade the 440 to 9.1?
Just registered (created an account) on this community and was greeted with "Your company requires multifactor authentication", emphasis on "your company":
By "you company", does it mean Palo Alto, or some other company?
Thanks!
I have a block rule for some of the more egregious regions of the internet. Unfortunately, the regions use the source address within the rule on the Palo so I see no way to negate an IP address in a region being blocked.
Is there a way I'm not awar
...
Hello PAN community,
I have setup user-ID with Active Directory and the hostnames and user names for domain joined systems are being logged in the firewall's monitor.
Some systems have their hostnames resolved, but others are just showing IP addresses.
...
Hi Team,
We have observed a situation where all the connected interfaces were flapped on the Firewall with the below logs, there is no much conclusive evidence in the tech-support logs, not sure if i am missing the log file which has the reason for
...
Hello,
Is it possible to have crowdstrike falcon agent installed on the paloalto vm machine
Hello everyone I have a question, I was recently exporting a few reports to PDF and I realize that the order regarding to the column Day Received is not the same when you export it to PDF as we see in the Custom Report builder.
I'm using version 7.1.3
I would like to reconfigure our PA-3260 FW to use its 40G interfaces instead of the 1G interfaces being used in production now. I plan to create one new aggregate ethernet interface made up of subinterfaces that correspond to each of the individual 1
...
We have configured the Check Point firewall version (R81.10), but it is not supported for native log ingestion. However, we have checked the official Palo Alto documentation for this link: https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-
...
Hi Team,
>In general, the PA Firewalls are manged by Panorama will log directly to Panorama or do we need any configuration to be made to push the logs to Panorama?
>What is the best way to configure logging for the firewalls managed via Panorama? Fo
...
PavelK
on:
Web Auth FW with HA
reaper
on:
Negate Deny Rule
BPry
on:
SFP Compartibility for HA on PA - 850
OtakarKlier
on:
Management Interface down
PavelK
on:
check Panorama Hardware reload/facing Panorama hardware reload after commit firewall policy to Palo firewall (
BPry
on:
When applied tag to security policy, Source user color changed.
