Redundancy VPN between two sites with two ISP

HELLO ALL

We have two PA devices.(850 and 500).They are located in different sites.Both firewalls have two connections to Internet via 2 different ISPs

We want to make Site to Site VPN between these sites.But make it redundant.Two VPN connections betwe

Instagram allowed in the security policy, but the pictures are not displayed correctly on the website

Dear Palo Alto Community Members,

I'm tiring to set up a security policy based on app-ID allowing Instagram but blocking Facebook.

Unfortunately, I can't get it to work, and I'm not sure what I might be missing here.

The security policy allows all the

Re:Software License

Hi,

Can anyone enlighten me what is the use of the Software license in Palo Alto NGFW and what will be the impact on the firewall, If that license expires.

how to adjust interface metric in ospf to define desired route ?

I have to two virtual routers 

VR_1 - e1/1 - is connected to wan 1, e1/3 - is connected to internal network, e1/4 is connected to a switch so, VR_1 has e1/1,1/3,1/4 and I want the primary ospf route to be from e1/4. what changes should I make to do s

Globalprotect: Adding multiple portal via registry

Hi guys,

May I ask for your guidance. I can add multiple portals easily in my globalprotect agent using its's GUI in windows 7/10. However, I need to deploy multiple portals via registry so I can push it in GPO. I have tried this link but this only s

When specifying the AD group in the Authentication profile, admin login is not working

 When specifying the AD group in the allowlist of LDAP Authentication profile, the admin login is failing. It is showing some errors like user not in allow list and target vsys is not mentioned etc. 

It is working only when using 'all' in the allow li

linux GP agent deployment

 Hi

I see from panorama /  deployment / Global protect client section that there is linux agent files.What is the purpose of that ? When I try to download and activate no device is coming at selection window.Any idea ? Thanks

Panorama version 9.1

Reg

Hacking URL, direct thru Palo, deny reason "block URL", via a search thru google, gets a reset page.

When you go directly to "shodan.io", which is categorized as a hacking site, the palo will block that URL. When searching thru google for that site, then click on it, a reset page is sent, need to understand why? Is it considered a "threat" if google

Azure External NAT - Without LoadBalancer

Hello,

  I have an issue. I have an internal server which needs to be reached from the internet.I have got a public ip but i am unable to assign it interface of the firewall for obvious reasons. Also i only have an option to associate it with a Load B

Linux User not able to Access an Application

One of My Customer's User Not Able to Open a Stackfive agent application its says its Java base When he Opens That there is an Error According Certificate Invalid or Something. Then the Customer Send him a Certificate  I check the logs, and the Secur