General Topics

Objects in use via CLI

Good afternoon,

I'm looking for the CLI command(s) for how to determine the number of address objects, and address-group objects that are in use on a PA FWs.

I know it's easily done from the GUI, but would like to add the command to a script, so I ca

PPPoE issues - Interface is not getting connection

Hello, 

I am configuring a PPPoE interface. I have enabled it and typed the username and password, and it continues without connecting. Is there another step that I have to take to enable the interface. I have followed the documentation, and also I h

Object Group with exclusions

Checkpoint has option to creat an address group object with exclusion (e.g Include 10.20.x.x/16 and exclude 10.20.30.0/24 or other subnets from supernet). Is similar option available in Palo Alto.

Negate option in PA is just to negate all source/desti

Veeam file transfer issue

Hi,

Can someone help me ? Does anyone here experience when you are transferring huge files. It suddenly drop the traffic and cuts the tcp sessions.

Got this veeam error from my colleague.

Error: The specified network name is no longer available. Failed

Layer 2 Setup no network traffic no MAC addresses

My organization recently purchased a VM firewall.  Originally there were a couple other people who were going to implement it but it's now fallen on my shoulders.  I found this  tutorial that was straight-forward enough for me to follow but after add

vCenter Server Appliance Web user interface HTTPS Security Rule

Hi All,

Due to a number of system administrators working from home, I have been asked to allow vCenter Server Appliance Web user interface HTTPS port 5480 through the firewall for administration over VPN (Global Protect).

Specifically port 5480. vCen

Downtime when chaging DNS IP

Hello - I need to change IP of the DNS server under Setup - Services on our Panorama, FWs and Global Protect devices. Would like to know what kind of downtime I can expect with the cutover to the new IPs especially on t he FWs and VPNs.

- Jisha

Are You Ready for PAN-OS 10.0 and the ML-Powered Next-Generation Firewall?

In case anyone hasn't heard that the NEW version of PAN-OS 10.0 is going to be released soon, This will be a new ML-Based NGFW (Machine Learning) and there is going to be a huge launch event for it.

Palo Alto Networks is beyond excited to announce

Using MineMeld to build a list of IP addresses from a list of domains

Our current MineMeld instance is doing a great job of handling our Office 365 requests. Now I'd like to use it to solve a different problem, but I'm not sure how to go about it.

We need to allow outbound app-specific traffic to *.somedomain.com. I

PA 7.1.0 - IPSec SA goes into create delete loop after enabling tunnel monitor

Hi, 

I am facing a strange issue in IPSec connection with PA (7.1.0) and strongswan (5.6.2) where I see Paloalto starts sending CREATE_CHILD_SA rekey requests to strongswan when I enable tunnel monitor. Earlier we were using strongswan (5.3.5) and d