Device State from Multiple Devices

I have a question and I am hoping I am not the first person to have asked it, and that there is a script out there somewhere.

I am trying to get the device state from multiple firewalls and need to somehow put it in a script.   I do leverage the sc

PA220 and IoT Security Policy Recommendations

Hello everyone.

I am trying to get the policy recommendations from IoT Security to work.

After following the detailed onboarding instructions, everything seems to be properly set-up on both the firewall and the IoT Security portal.

All licenses are act

Iinux smart cards supported for globalprotect 2fa authentication?

Dear community!

I have a quick question:

Dos globalprotect support 2fa authentication with Linux smart cards?

Thank you!

Alert on Policy Rule Modification

Hello Everybody,

I would like to know if there is a possibility to be alerted in case of modification of a rule.
For example: if a rule is modified, an email is automatically sent to a specific person

Thank you

Valentino

GWLB AWS - HA what to do if both appliances go down?

We are deploying two PA on AWS using GWLB and we are wondering what would happen if for any reason both aplliances go down , since all traffic (inbound , outbound and inter-vpc) is going through the FWs , do you know a quick bypass or fail-open solut

management interface & service route configuration

Hello
I am new in palo alto, I did a self-training
I would like to have more details about the relation between the management interface and the service route configuration
I have a little bit stuck on when to use the route configuration service
I think

Azure Tag in Security policies

Hi There,

How we could create dynamic security policies from Azure tag. In the Azure Market place I do see this statement.
"policies that are dynamically updated based on Azure tags assigned to workloads, allowing you to reduce the attack surface are

Session end reason: tcp-fin and aged-out?

Hi all,

I am using PA-850. I am having the problem. sometimes the internet is blocked. and I see in the monitor, the sesson end is: tcp-fin and aged-out. but after refresh some times, then I can access to internet.

Please help to advise how to fix it

How to remove log forwarding from syslog

Hi All,

I want know to how to remove traffic log from log forwarding?

Migration from 5250HA to 3250HA

Hi Everyone

We plan to migrate 5250HA to 3250HA. See if anyone has past experience.

5250HA Policy and objects tab are managed by Panorama, All rest is still on local. Main change is interface on 5200.e.g internet or DMZ zone includes 1G and 10G inter

dual catergory url checking

hello community.

I notice that this site https://www.pokmi.com/ is in dual category for Adult and catagory low Risk.

I made an url filtering rules that allow low risk category but that block adult category.

when I apply this rules to my traffic I hav

inter-compatibility

Hi All,

PA3020 and PA200 are used to form an IPSEC tunnel. Would there be any compatibility issue if we upgrade PA3020 to PANOS 9.1.12-h4 while keeping PA200 on PANOS 8.1.21?

Any known issues if we upgrade PA3020 to PanOS 9.1.12-h4? PA3020 Current Pan