General Topics

PANOS firewall Upgrade from panaroma Error

I have paloalot firewall that is managed via panaroma. The firewall doesn't have internet connectivity and only panorama does. On the panaroma I have downloaded both the 9.1.0 base and 9.1.9 maintenance version. When trying to install 9.1.9 from pana

EDL for Specific Azure IPs/Tags Using Minemeld

I'm looking for a way to use the JSON file from Microsoft which lists Azure IPs and services tags (https://www.microsoft.com/en-us/download/confirmation.aspx?id=56519) to create an EDL. However, I only want to include the IPs for Storage.EastUS2 in t

Warning: The admin has enabled the virtual system vsysX as User-ID Hub(Module: useridd)

Why is this a warning? Has anyone found a way to keep this from displaying as a Warning? This cases our SOC personnel to ignore when the commit status completes as 'Commit completed with warnings"

We are running 10.0.6 - Panorama and 9.1.9 - Gateways

invalid syntax delete rulebase security rules (rulename)

Hello There,

I am running PA-OS 8.1.19. i attempt to delete a security policy via CLI, However, I get an error of Invalid Syntax. Does anyone know what did i miss.i looked at several docs and all indicate i am using a correct CLI command 

Login to the

Static Redistribution to BGP

Hi All,

I need some help/advice as I am unable to achieve the wanted results.

Scenario:

a) I have 2 PA firewalls sitting on separate DC operating independently.

b) I would like to add a static route on PA (DC1) and as long as the path monitoring for th

GlobalProtect icon disappears from taskbar in Windows 10?

We're having a problem with GP 4.0.6 and 4.1.1 clients on Windows 10 where the icon dissapears from the task bar. It doesn't happen all the time, but when it does it causes a fair amount of user frustration. With the 4.0.6 client, I could search for

Maximum Number of Objects reached

Hello,

We have detected in our 820 device the following alarm:

SYSTEM ALERT : critical : max registered-ip for the platform reached (1000)

Searching the objects, we have only 746. I'm not being able to find so much information about this.

Does anyone

Management interface routing

I'm working on isolating the management interface onto its own network. The firewall will be the router for this traffic and the network switch it connects to will be L2 only. If my management IP is 10.10.20.10/24 and the gateway is 10.10.20.1 where

Phase 2 tunnel status

Please excuse me as I am still learning and am relatively inexperienced. I assume the phase 2 status can be red for following reasons (assuming IKE phase 1 is all correct and working) Authentication, Encryption, DH settings being incorrect/mismatche

FW in Palo IP changed

Hello -

I have an HA pair of palo's that were added to Panorama. The management IP for each of those palo's has changed and are now showing in a disconnected state. How can I correct this?

 
Thanks in advance.

require admin users being member of LDAP groups

Hello

We are using LDAP for authentication of the admin users (for Panorama as well as the firewall nodes).

Is it possible to adjust this, enforcing the user being a member of a specific AD group?

Last info found was regarding PAN-OS 8.1 (https://live.p

Setup VPN Global Protect DynDNS

Setup VPN Global Protect DynDNS

Dear community:

Good afternoon, is it feasible to be able to configure VPN access with Global Protect, on a Palo Alto with the following scenario:

Palo Alto with:
-Public IP Dynamically ( DHCP )
-Firewall configured with t