General Topics

Anyone else notice these "Load Config Partial" syntax changes in PAN-OS 9.0?

Doing my first migration to PAN-OS 9.0.  We've migrated the config using expedition, but when I try to use the load config partial commands I keep getting a "Invalid syntax." error

Example on how it used to work- 

load config partial from MT-fixed.xm

Weird GP source username on traffic logs

I came across this weird source name on the traffic logs while checking a GlobalProtect issue. Has anyone seen this case? Other users' logs are displayed with corporate\domain correctly.

VPN

Hi. who can help me this topic?

Person A must configure vpn with person B. Person A must configure two vpn connection and all data flow to vpn 1 node but if vpn node1 goes down, aoutomatic all traffic must flow through with node 2.

Free space in /dev/md2 partition

Hello
We have a Firewall PaloAlto with free space 509MB in partition /dev/md2, and 609MB in partition dev/md5, actually we need to upgrade the PanOS since 7.1.18 to 8.1.12, and there are 5 PANOS to upgrade, so the information is keep in /dev/md5 but b

How to block Internet Explorer

I am trying to block Internet Explorer traffic going out to the internet from my internal users. I have decryption in place and followed this article: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClEdCAK

I am seeing some w

Global Protect HIP check issues

Have had an open case with support since August 2019 with HIP checks setup for Global Protect.  There are options to allow HIP checks for a large number of different AV vendors and their products.  The issue we have come across is that we have define

VPN between Palo Alto and Check Point firewall

Hello,

I am trying to establish a successful VPN connection between my Palo Alto firewall and a Check Point firewall. The VPN tunnel on the Palo Alto side shows all green for phase 1 and 2, however on the Check Point side I keep getting a failure per

HA clarification with a single ISP

Hi Gang,

Excuse me for my ignorance. We had firewalls Palo literally thrown at us, and instantaneously put into production (not great!). 

I have a pair of Palo's in HA Active/Passive with preemptive enabled on active/primary. These are in turn, patch

Bootstrap debugs / logs

Hi,

I was wondering when I went through the bootstrap documentation, it mentions that it should display logs of the bootstrap even if successful but in either case, nothing appears on the console, not even a single word about bootstrap... where shoul

unable to retrive users on the panorama access list

Hello, 

I am trying to create rule that allowed specific users from the active directory. Strange enough on the rule, i am unable to get active directory users. Please advise 

*Urgent* Global Protect Crypto

I have one more query, If I change week encryption to strong encryption in tunnel traffics like Global Protect, IP sec tunnels, will it get affect the clients ??

Of course We have to check the peer side before we change the encryption methods & algori