Issue with network driver of PAN-OS 10.1.3 deployed in azure

Hi Folks,

We have an PA-VM-100 series firewall deployed in the Azure cloud.

We have three NIC cards mapped to the firewall interfaces which is configured as below:

NIC card 1 <-----> Management interface

NIC Card 2 <----> Untrust interface(Ethernet 1/1

Global Protect Redundancy

Hi,

I would like to set up Global Protect VPN on 2 sites, and have a round robin redundancy between them.

i.e. user1 logs on the GP VPN and connects to site A, then user2 connects to GP VPN and connects to site B, and so on...

Is this possible?

regard

"You have been logged out due to unknown reason"

Any idea what causes this or how to investigate it?  I can see the event as "User Me logged out via Web from My_IP" in the System Monitor tab.  Happens intermittently otherwise I'd look at this: https://knowledgebase.paloaltonetworks.com/KCSArticleDe

OSPF and BGP Redistribute

Can someone walk me through redistribution of OSPF into BGP and BGP into OSPF

I am setting up a new VSYS (already done) with a new Virtual Router to an AT&T AVPN WAN

There is a /30 between us and AT&T, and we use eBGP to AT&T.  On the other router in

U-Turn stopped working after update

After Updating PA850 to 10.1.3, U-Turn to 2019 webserver is no longer working.

Firefox Message:

Secure Connection Failed

An error occurred during a connection to wdafire.townshipofhamilton.com. PR_CONNECT_RESET_ERROR

The page you are trying to view canno

Are there options in the Palo Alto SaaS Security Inline to block in real time cut/copy/paste/print activities?

Are there options in the Palo Alto SaaS Security Inline to block in real time cut/copy/paste/print activities?

I have seen this some other CASB solutions to limit what the web browsers can do in real time not out of band (Palo Alto SaaS Security

How to check the utilization of current firewall (eg. sessions, throughput, etc)

Hello,

we have plan to upgrade our current PA-3020 firewall to new PA firewall.

I would like to know how to check the overall utilization of currently firewall in order to determine the size of new firewall. (eg. the usage of sessions, throughput, tota

How to remove VSYS from Panorama

Hi,

Does anyone have a KB or similar to follow step by step?

Regards

DHCP-DNS server integration posisble on a PA-500?

Hi,

Is it possible to configure a DHCP server running on the PA-500 to automatically update the records in a DNS server that is separate from the PA-500?

Ideally, I would like to have the DHCP server dynamically update DNS records with the DHCP c

sip port 5060 same in source port and destination port

Facing issues regarding traffic flow on PA.

Cannot see traffic on PA when the SRC port is 5060 and the DST port is also 5060 and application SIP.

Have a rule which permits all the traffic from the source to the destination with all the ports allowed (

Question about NAT

How can you use dynamic source translation with dynamic source address.

This is my scenario. 

Site one Public NAT 1.1.1.1 source address 192.168.2.1

Site two Public NAT 2.2.2.2 source address 192.168.3.1 

If I want to combine this rule into one Nat ru

How to check VLAN untagged on ae interface and physical interface with L3 subinterface

Hello all,

We would like to proceed with the connection between Cisco ACI and Paloalto firewall regarding this server configuration change.
 
Is there a difference in how to check the VLAN untagged of the Ae interface with L3 subinterface and the physic