General Topics

Palo Alto URL Filtering Test Pages unreachable via HTTP

Anyone else notice that the Palo Alto URL filtering test pages (example: http://urlfiltering.paloaltonetworks.com/test-command-and-control) are no longer reachable using http?

This article describes the pages and why you would want to use them to val

Want to allow SFTP only and not SSH Traffic

Hi Team,

I am trying to achieve my requirement however, unable to achieve it. Please review my requirement below and suggest your thoughts if there are any possible way to accomplish.

I want to block SSH traffic and at the same time i need to allow S

Failed active/passive HA Upgrade from 8.1.4-h2 to 9.0.3

Hello community - I have a case open with support, but I am looking to see if anyone else has an idea for me while they are looking at my tech support files.

I attempted to upgrade an active/passive HA pair following the Palo Alto Doc. I upgraded the

Rename Panorama template and template stack

Hello,

We have a few firewall clusters managed by Panorama and are looking to change the naming schema for templates and template stacks. Does anyone know if changing these would have any affect on firewall operations? We previously changed the zone

URL Filtering Whitelist

Hi,

We have a case that 1 user would like to access URL (example a.com) that is currently blocked in existing URL filtering profile.

We know we can allow this by

1. clone existing URL profile and add a.com into allow list or add it through custom URL

DNS proxy

Hello

In one of my subnets I'm using google 8.8.8.8 as DNS server (received via DHCP).

But only form one entry I want to provide my own FQDN and IP.

Could I use DNS proxy feature for this ? (enable DNS proxy with primary DNS server 8.8.8.8 and add stati

NFS datastore change

Customer integrated NFS datastore with panorama to store logs.

Now they are planning to change old NFS data store with new NFS data store, But their concern is they want old NFS datastore logs to be retained in new NFS datastore after migration and t

SSL decryption troubleshooting

I am trying to get SSL Forward Proxy working properly, generally it seems to be OK but I have a site I have tested

is for the bank hsbc

that gives an error..

Certificate Error

There is an issue with the SSL certificate of the server you are trying to

HA traffic through Cisco Switch

Hi Team ,
Can we route HA traffic between two 3260 firewalls through cisco switch using L2 vlan.

 My requirement is to run firewalls in HA and devices will be in different buildings. Buildings are connected with dark fiber. As PAN dedicated HA ports ar

Anyone else notice these "Load Config Partial" syntax changes in PAN-OS 9.0?

Doing my first migration to PAN-OS 9.0.  We've migrated the config using expedition, but when I try to use the load config partial commands I keep getting a "Invalid syntax." error

Example on how it used to work- 

load config partial from MT-fixed.xm