Static Redistribution to BGP

Hi All,

I need some help/advice as I am unable to achieve the wanted results.

Scenario:

a) I have 2 PA firewalls sitting on separate DC operating independently.

b) I would like to add a static route on PA (DC1) and as long as the path monitoring for th

GlobalProtect icon disappears from taskbar in Windows 10?

We're having a problem with GP 4.0.6 and 4.1.1 clients on Windows 10 where the icon dissapears from the task bar. It doesn't happen all the time, but when it does it causes a fair amount of user frustration. With the 4.0.6 client, I could search for

Management interface routing

I'm working on isolating the management interface onto its own network. The firewall will be the router for this traffic and the network switch it connects to will be L2 only. If my management IP is 10.10.20.10/24 and the gateway is 10.10.20.1 where

Phase 2 tunnel status

Please excuse me as I am still learning and am relatively inexperienced. I assume the phase 2 status can be red for following reasons (assuming IKE phase 1 is all correct and working) Authentication, Encryption, DH settings being incorrect/mismatche

FW in Palo IP changed

Hello -

I have an HA pair of palo's that were added to Panorama. The management IP for each of those palo's has changed and are now showing in a disconnected state. How can I correct this?

 
Thanks in advance.

require admin users being member of LDAP groups

Hello

We are using LDAP for authentication of the admin users (for Panorama as well as the firewall nodes).

Is it possible to adjust this, enforcing the user being a member of a specific AD group?

Last info found was regarding PAN-OS 8.1 (https://live.p

Setup VPN Global Protect DynDNS

Setup VPN Global Protect DynDNS

Dear community:

Good afternoon, is it feasible to be able to configure VPN access with Global Protect, on a Palo Alto with the following scenario:

Palo Alto with:
-Public IP Dynamically ( DHCP )
-Firewall configured with t

wildcard fqdn for destination in security policy. FQDN for  abc*.def.com

Team , I have a question about something that I guess is not possible to configure but will like to confirm if possible . My client want to allow  Internal NW 10.0.0.0/8 to FQDN abc1.def.com port HTTPS , this is normal and I have a few of this rules

Specific Action change on Individual Signature

Hi Experts,

We've configured a Vulnerability profile with the Action of Default. For the Windows Print night mare vulnerability (Version ID: 8424, signature ID:91333) and the CVE ID: CVE-2021-1675 I see the default action is marked as 'Alert' which wi

URL filtering

I have one query it is necessary to add a URL Category to add in URL Filtering Profile or I can add a separate URL category in the Security policy without adding any URL filtering Profile.

for example, I Create a URL Category name test which having so

how can we confirm if there is existing firewall rule or not in the policy by filtering by source and destination IP address and port numbers.

I can find existing firewall rule in the Firewall policy by searching by just source IP address or Just Destination IP address but our Firewall policy rule base is huge and i need to filter it by Source IP and destination IP address (both) and possib