PPPOE Not Establishing

I am trying to connect a Palto Alto (in Ebano, Mexico) via PPPOE and it will not connect. As described in the PA doucment the interfeace is tyring every 3 seconds but getting the following "'PPPoE session failed to connect for user:u1st on interface:

Permissions for dependent application under parent application to inbound destination

Hi All,

I am in the process of migrating from Lotus Notes to O365.  The migration requires a ton of IP's being permitted from the outside inbound to my migration servers in my data centers. Rather than call all of those IP's, I am instead permitting

Sip ALG

Hi community,

I have seen lot of Palo Alto documents and some blogs saying about ALG functionality issue in firewall.
I am facing some issues randomly with ALG functionality in firewall, I have seen documents says to disable ALG in PA, but my sip serve...

HA Upgrade Path 8.1 to 9.1

I have an HA pair of firewalls on 8.1. Do I need to upgrade both to 9.0 and then 9.1 or can I upgrade one all the way to 9.1 and then the second from 8.1. to 9.1?

Monitoring HA state with graphite

Hi there,

i am currently working on a grafana dashboard to monitor a pa-3xxx cluster. getting numerical values by snmp with collectd is no problem. and it ist great for displaying the data. collectd can't handle strings, but the ha state ist totally

Expedition 1.1.88 hangs during XML export due to ASA Tags/Objects

I have a repeatable issue with Expedition.

I have an ASA with 3 contexts, no matter how i import them, export refuses to pull out tags

cat /etc/tmp shows:

Notice: Undefined offset: 0 in /var/www/html/libs/common/xml/panosxml.php on line 1752

Fatal err

what is mean ---authentication cannot have more than one subconfiguration

I use two PA820s for ipsec vpn and  used certificate-Based Authentication for IKE

The 820-A version is 8.1.6 and the 820-B version is 9.1.4.
820-A configuration ike gateway no problem。
820-B will report an error when configuring ike gateway ，

authenticat

Allow Sub-URL to Specific IP

Hi All,

We've 'abc.com' as primary URL which should be accessed by all.

sub URL - 'abc.com/odata' should be allowed to access only to specific Public IP which we mention.

Please suggest how we can apply these policy in PaloAlto.

Thanks,

Sathish

Changing an appliance management IP on a Panorama managed appliance

Hello,

I have to reconfigure management IPs on PAN-OS 8.1.x firewalls, which is managed also by a Panorama 8.1.x server. My thinking re process is as follows:

Add new policy to allow Panorama to new Mgt IP on applicable firewalls and vice versa.

Recon

Device Health Status

Hi Team, 

We have few firewalls (5520,5260, 3220 and 3260) managed by Panorama. I wanted to check the health status of those firewall. I found some of them are in Deviating Devices list due to the memory / CPU consumption. For example, in some devices

How to fix this vulnerability in palo alto?

Hi,

Please help to resolve the following vulnerability

Vulnerabilities :
1. HTTP DELETE Method Enabled (http-delete-method-enabled)
2. HTTP OPTIONS Method Enabled (http-options-method-enabled)
3. TLS/SSL Server Supports The Use of Static Key Ciphers (ssl

Changing password over GlobalProtect

Hi team,

Does anybody know if there is any compatibility issue between Palo Alto and Aruba Clearpass for changing users' passwords?

When we use Microsoft NPS, GlobalProtect users will be prompted for changing their passwords when the passwords are expi

Any thoughts on how to whitelist Akamai IP ranges?

Hello Network,

Any thoughts on how to whitelist Akamai IP ranges? I am hoping to use MineMeld as the aggregator of the information.  We currently use it for AWS but I did not see a node built for Akamai.

Thanks in Advance,

Scott