How to add static routes on panorama M-600

Hello ,

We have M-600 Panorama device and we need to get 2 seperate networks :

MGT : for firewalls administration and to receiving logs ( this network is isolated from internet)

Ethernet 1/2 : a new interface just to make panorama reach internet for up

opcmdhistory log missing in PanOS9.1

I noticed that the “opcmdhistory” log disappeared in Panorama after upgrading to PanOS9.1.It was there in 9.0 and previous  versions.

Do you know why it changed and if the information is in another log file? I was using it for troubleshooting and det

Min. required PAN-OS version on Firewalls with PANORAMA 9.1

Hi,

I found the knowledge base article which PAN-OS versions are compatible to which PANORAMA version.

For the newer PANORAMA 9.1 the informations are missing which PAN-OS versions are supported.

https://knowledgebase.paloaltonetworks.com/KCSArticl

Global Protect - Traffic interrupted while still showing connected

We are currently running the latest version of GlobalProtect (3.1.1-27) and we have encountered the following issue a few times.

The user successfully connects to the company network and is able to work for a prolonged period of time.

All of a sudden

Two Portals, or two authentication profiles or better idea to test 2FA with global protect.

Howdy all,

Relatively new to PA and GP, spent more time with Fortigate and Cisco at previous jobs. Work at a small company and until the pandemic and snowpoclypse VPN access was only given to select people, we all just came to work. 

I've been tasked

Access problems via Globalprotect with AD group.

Hello everyone,

I am relatively new to Palo Alto solutions and I face a problem that has been going on for over a week. Could anyone help me?

This is the scenario:
- I have gateways 01 and 02 for the GlobalProtect.
- AD groups called Grupo1 and Grupo2.
-

Block domain *.*covid*.*

Hi Team

can we blocked domain in palo alto if domain name contains is *.*covid*.* in palo alto.

I was also wondering whether blocking such domain will be better through dns sinkhole or URL filtering.

ISP Router connection best practice

Hi All,

Just looking for advise , pros vs cons about connecting an ISP internet feed directly to our core mpls/vpls switch.  

ISP Internet Router—>adva—>Core Switch(siteA)—>mpls/vpls—>Core Switch(siteB)—> Palo Alto

The PA firewall will have a separate

Panorama HA Firewall PAN-OS Upgrade Clarification...

My apologies for the length of this post...I am trying to understand how to best upgrade PAN-OS through multiple major releases on a configured HA set and I may not be explaining myself effectively...here it goes.

I am preparing to upgrade a PA-220

Migrating Palo Alto's

Quick question regarding changing model of Palo Alto's. We're moving from a larger model to a smaller. Is there a guide I could use for this? From what I've gathered so far the two firewalls have to be on the same software version? is that the only p