Global Protect External Gateway - saying only manual gateway exits

All of the sudden, in our global protect setup(Pre-Logon-Always-On, internal host detection, we were able to switch between internal and external networks and Global Protect would always reconnect.  For about a month this has not been working.  I got

Certificate for gateway

My CA is Portal / Gateway  firewall it is having different template group and LSVPN HUB  firewall on different template group.

I have created new certificate for HUB  gateway on Portal/GW template , exported it from template group and imported it on

Not able to introduce "?" in log-link

Hi,

Im trying to configure a log-link web with the character "?" in the middle but the PA is deleting this character "?"

Do you know if there is any way to put the question mark character "?" in the URL

for example this:

set deviceconfig system log-lin

Auto switch between internal & external gateway

If I mix external and internal gateways in the same portal.

Does GlobalProtect automatically switch gateways when users work in the office or work outside?

In the current situation, when I use GlobalProtect in my office or office, I need to manually s

Policy Optimizer Additional Apps

Hi, we have Policy Optimizer enabled and looking at the data there appears to be 'seen' apps that are not actually allowed by the rule:

I'm thinking someone edited the rule (from perhaps 'any' to 'sip') but cannot confirm in the logs (rule is also s

Understanding AppId Dependency Implications

I've run in to a few instances where I need/want to allow a specific App with a specific policy, but it has a dependency I don't want to include with the same policy. I'm wondering if I need to rethink how I arrange these rules.

The most recent examp

PANORAMA PA Firewall Management -> entire backup of the Firewall Running Config

Hi,

we are managing a pool of PA Firewalls using Panorama.

Some of the settings are pushed to the managed devices via Templates (i.e. several additional users, shared objects, etc.).

Device Config is saved on a regular basis on the device itself as w

SFP + modules for PA 5220

Hello we have PA 5220

and we need to connect SFP+ modules.We have Finisar SFP plus module but it does not work

Can you recommendme any third party SFP+ module which is sure to work

Filter default route

WE have configured OSPF between a Palo Alto firewall and the CORE to which it is physically connected, within this CORE there are several VRFs that interconnect with the firewall (VRF1, VRF2, VRF3). Is there a way to filter the default route in the P