General Topics
Showing results for 
Search instead for 
Did you mean: 
General Topics

Forum Posts

Resolved! GlobalProtect, Working from Home, Prisma Access and Covid-19

To all, Just wanted to post a message about the Hot Topic right now, which is Covid-19. With all of this going around, everybody's health and safely is the utmost concern. Keeping your hands clean, washing your hands (A LOT), using hand sanitizers, a...

jdelio by Community Team Member
  • 41 replies

Poor Man's HA

Hi, We have 2 PA VM100 devices. For some reasons we are not able to configure more network interfaces at the moment.Can I create an active-passive HA cluster just using the Management interfaces in the way that the second device receives all configur...

User-ID Statistics

We have a cenario where the Firewall control the Internet access from users in the local network and we control these access with URL profiles and security policies.We identify the user session with USER-ID Agent installed on Windows AD Servers.I'd l...

mmcastr by L1 Bithead
  • 3 replies

IPSec VPN with cert authentication: RSA_verify failed

Hello community! Created a VPN Palo Alto - Cisco Asa with certificates for Ikev2 gateway authentication. Cannot establish the VPN. Did a debug and get the following error when the palo alto is trying to validate the ASA´s certificate [PERR]: RSA_veri...

Carracido by L3 Networker
  • 3 replies

Panorama - Object

Hello I start the Panorama configuration and I created Device Group. My device group are based on our site location : FR - Paris - Toulouse I would like to know the best way for the configuration. If I create objects in Paris DG (object to define Par...

Resolved! New template stacks after upgrade?

Hi all, I upgraded from an 8.0 release to 8.1.3 to prepare for a migration to some new hardware. I did a commit after the upgrade to make sure everything was synced up between Panorama and the firewalls and I believe everything went ok. I was making ...

jsalmans by L4 Transporter
  • 5 replies

VPN to Amazon VPC and NAT-traversal

Hello Community! I aim to configure a VPN between a Palo Alto firewall and Amazon VPC with a NAT device in between. | PAN | <----> | NAT_device | <----> | Amazon VPC | As far as I know this config would require NAT-traversal support in both ends.Amaz...

Resolved! HA2 link down

The 20G link for HA2 between the two PA-5220 firewalls (Active-Passive cluster) does not work correctly. It is a direct link using single-mode fiber and 10G-LR optics with a length of approximately 550 meters.After restarting any of the two firewalls...

jesuscano by L4 Transporter
  • 7 replies

Resolved! PA firewall is not forwarding logs to Splunk indexer

Hi Dears, I have a issue regarding the log forwarding. Paloalto logs are forwarded to splunk SIEM in our environment. We were running panos 8.0.10 and the log forwarding was working as expected. Recently we upgraded to version 8.0.12 which is a TAC r...

Resolved! Can't create Nat rule using more than one source address

Hi all, I'm trying to create Nat rule for source translate when the source is address group and it will not be bi-directional. The address group include 2 address from objects.The source translate is Static-IP tried to put object and specifric IP add...

Nat rule error.jpg
SShnap by L3 Networker
  • 6 replies

NAT Through VLAN interface to 2 VRRP Routers

I would like to do a static 1:1 NAT through a VLAN interface to two Cisco routers for redundancy. The Cisco routers will be running VRRP to provide a virtual IP address to the PA firewall. The PA will be connected to both routers through a different ...

DoDo1975 by L0 Member
  • 0 replies