PANorama won't see 5250 connected on "Managed Devices"

We have 5250s we're trying to integrate to PANorama. Both are not in the same geographical location, but are able to communicate with each other. PANorama can ping the 5250. 5250 can ping PANorama, and SSH to PANorama possible from 5250. Connection b

Need SCP Software recommendation for Panorama Backup

Hi All,

I need SCP Software recommendation for Panorama Backup, am currently using Solarwinds SFTP/SCP Server and am unable to get this to work, keeps throwing the following error. "SCP EXPORT ERROR EXEC REQUEST FAILED ON CHANNEL 0 :"  

Thanks

ARP table By SNMP

Hi,

Any idea How I get ARP table from Palo Alto Firewalls (PA-200, PA-500 and PA-3020) by SNMP? 

Did try BRIDGE-MIB::dot1dTpFdbTable but gave me NULL resualts

Mike Alani 

Log/syslog forwarding to Microsoft Azure/Sentinel

Entire company uses log analytics and Sentinel for logging. 

Found this excellent article  below on how to accomplish this task.

https://davicruz.com/en-US/azure-sentinel/2021/03/rsyslog-sentinel-log-forwarder 

Has anyone done this before?

I have stan

TCP 3 way handshake success (telnet) but data doesnt flow through

Information
Source : 10.1.1.1
Destination (example) 202.181.200.188
Destination Port : 8443

Client is running on port based firewall

Issue (Technical not an issue just the firewall behavior) :

3 way hand shake success which mean telnet port 8443 is succes

Does HA2 link failure trigger failover

Hi,

I've got firewalls in active/standby mode and  preemptive is not enabled. HA2 link flapped for around 12:47 PM  GMT and link was up at 12:52 PM GMT

Model : 5060

Active/Passive PA with Dual ISP in eBGP and private owned /24 ASN

Hi,

Looking for some guidance on our setup. I am looking to establish pure ISP failover without having to take action on my / my team's side. Presently when there is an outage, we need to do manual intervention to get connectivity back up.

Here is an

multicast test

PA is using cisco switch as external RP. Over a system I start the stream on VLC but I don't see the multicast address in multicast FIB. System is connected to network that is directly behind firewall. I use this tool multicast test tool (https://com

IPSEC s2s VPN between VM-50 and PA-3220

We've done plenty of s2s IPSEC VPN tunnels between our DC firewalls and branch offices. I have a new branch office which we are configuring the same way as the others, yet the IPSEC VPN is not operating as expected. The tunnel is showing as up and th

MS Active Directory Security Group Changes Not Applying over VPN w/ prelogon

Our organization has been struggling with getting MS AD security group changes to apply over VPN w/ prelogon enabled for a long period of time now. I have had support tickets in with Palo support and MS support. Palo support has determined via Global

Palo Alto blocks legitim applications

Hi everyone,

We have defined Risk App block rule which contains the app by risk category, characteristics and vice versa.

After upgrading PA to 10.1.5-h1 version it starts to block ssl, web-browsing, google-base, whatsapp and other apps which are not a

Okta has 400+ IPs that are all /32. Looking for an EDL solution

Has anybody figured out an edl to allow communications to Okta without manually entering the whole list?  My customer is using Okat for MFA and the Okta Portal uses a whitelist so they have policies that anything hitting Okta should use ip x.x.x.x.