SSH to Management interface (RADIUS Auth) PAN OS 10.0.4

Working on an HA Pair of PA-820 firewalls and just finished configuring auth for management interfaces. Went to test, and found that the firewall said auth succeeds, but the SSH connection immediately drops.

Config:

• Auth profile is RADIUS (Windows NPS

how can i limit the Maximum Number of connections per ip

Hi everyone 

                    i have a question is how to limit the maximum number of sessions per ip or per zone ?  

                    hope someone can help me.

Enabling multi vsys on a prod firewall.

I’m planning to create multi vsys on my palo alto. I just wanted to know if my existing configuration (interfaces, aggregate interfaces and rulebase) will be moved as it is to vsys1 or they need to be mived manually?

I have aggregate interfaces layer

HA1/HA2 speed recommendations for a PA5200 series setup (A/P)

I'm not sure if this documentation exists somewhere but I can't seem to find it.


we have a customer with palo alto 5200 series firewall.
due to covid-19 (as is the case with so many companies they are currently production stress testing the firewall wi

HELP: HOW TO BLOCK BITTORRENT ON PALO ALTO?

Hi Guys, Asking for your help to block bittorrent or utorrent? or blocking p2p?

Reconnaissance query

Hi Team,

Is it possible to whitelist on the basis of destination for scanning port. I can see in Reconnaissance configuration we can only whitelist on the basis on source address. But more than 500 sources are available to scan port so its difficult t

Cortex XDR Agent management questions - stragglers and operation status

I've deployed the cortex agent to all of our servers and now need to find stragglers (servers without agents running).  I also need a method to know that not only are the agents installed and running but they are actually running as designed.

I notic

PA-220 advertising BGP routes

Hi everyone, hope you're well. I hope somebody can help with this.

I'm looking to introduce a local Internet breakout, by installing a Palo Alto 220 firewall, as the site has been reporting slow Internet recently.

Template setting not working

WildFire looks like this on the Palo:

But if I click on it to change it, it has a template setting:

I took a look at the Stack and the one at the top has the correct setting, the one at the bottom is set to none. So that should be right, any idea why

Custom Category traffic flow issue

Hello all,

 I have created a custom URL category for a site and have a security policy to allow specific applications to that category but the results are inconsistent and when I review the log, when the traffic was successful the URL Category shows

Knowledge sharing: Palo Alto troubleshooting falty or not supported SFP and SFP stopped working after upgrade

Hello to All,

I wanted to share what I know with thee comunity. First in many cases for faulty and not supported SFP the option "show system state filter sys.sx.px.phy" is used (for more info https://knowledgebase.paloaltonetworks.com/KCSArticleDetai