Interstate DR setup with site replication.

Hi All, 

We are currently in the build process of a interstate warm DR. Our primary DC has a pair of 850s while the interstate has a pair of 820s. I have begun implementing Panorama to manage both sites, both devices are configured with a simple clea

Panorama doesn't load on firefox

Hi All,

I have been struggling with this issue for few months now.

The panorama VM site just doesn't load on my system, using firefox browser. It shows blank white page and after few refreshes of the page (and praying - please load this time), it fina

politicas de seguridad (post-rule) duplicadas

Hola 

¿ como puedo ver las políticas de seguridad (post-rule) duplicadas ? , asi con esto hacer una depuración de las reglas !

Zone rename effects on Shared Policies

After a company acquisition we have inherited about 25 firewalls which I have recently migrated to a single Panorama instance, along with shared policies and templates, and in the process of building shared policies for the entire fleet.

For the shar

IPSEC Tunne with IBM cloud

HI 

I have setup a tunnel with IBM cloud and tunnel is UP. However I am unable to ping from both side. 

Routing and security policies are configured correctly, I can see on firewall logs byte sent is there but byte received is zero.

There is no traffic

PA management: secondary ip?

With Palo gateway appliances, is it possible to give the management interface a secondary IP?

Wildfire File Check

Hey Community,

maybe someone can give me a hint or help about the following Topic:

Does Wildfire re-checks Files after we have got a verdict ? For example, if a File is uploaded to Wildfire and the verdict is Benign, but after some Time something has

Tactics Technique and Procedure (TTP) for Noob Threat Hunting

I am new to Palo Alto NGFW and Cortex, does anybody have  any special TTP they want to share to noobs like me?

Prevent User Traffic from Proton VPN Application

Hi All,

Just wondering if anyone has a solution in creating either an application id for proton vpn, and or other methods in preventing users from bypassing the palo firewall.

https://protonvpn.com/

I have discovered today that this application is no

Required role to do cli backups

We have a process to do backups using the cli. I'm going to create a new role restricted to cli for this purpose. What admin role is required to perform backups?

URL Filtering Log - MAC Address

Good morning,

We are trying to leverage as much functionality from our PA FW right now.  At the moment we are using 3rd party filtering and 3rd party captive portal.   The challenge is always matching the URL filtering logs with the user mac address.

UserID agent - different two major

Hi,

Just to confirm. it would be compatible this:

UserIdagent in version 9.0.x

and FWs in version 8.0.13

WE need to upgrade FWs to version 9.0.x, and we are thinking to upgrade first UIA, but we are not sure about compatibility in UIA two major higher.

Upgrade advices compatibility

Hi,

I explain my scenario:

We need a cluster A/P in 8.0.x. We had issues upgrading when the LACP didnt come up in the passive node jumping to 8.1.10.

So in the last try we realised that jumping to base 8.1.0 the LACP interfaces were up. So we will do

Panorama VM to VM migration while going from Legacy to Panorama Mode

Hello all,

currently we use a Panorama VM running PanOS 9.0.5 in Legacy mode (did not even know that was possible) to manage a couple of HA pairs of firewalls.

Unfortunately we are unable to edit the resources of that VM in our Hypervisor, likely due