UPDATE 11/8/23 11:43 a.m. EST:
LIVEcommunity’s System Update will be delayed. This means your use of LIVEcommunity will not be impacted this week (11/8-9), and you can proceed with business as usual.
Thank you again for your patience and stay tuned
...
We are excited to announce a new Engineering Blogs section on LIVEcommunity, exclusively curated by Palo Alto Networks engineers!
This dedicated area will be home to technical posts about Palo Alto Networks innovations to build scalable and reliabl
...
Did you know that you can help your fellow community members by accepting solutions when a reply answers your question Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature
...
Hi
I was just checking out my VMWare vm setup for my Panorama VM. and it has 2 interfaces on it.
how does that match up to the setup interfaces page
so 1 is management and 1 is eth1 ? how can i tell and why have 2 ?
As the title my question in my mind is relatively straight forward.. when a globalprotect client sucesffuly makes a vpn connection... is there any local profile settings saved to a file on the pc / mac?
If so, where are these logs saved / folder path
...
Need to know why CLI and GUI show this behaviour?
Hi All,
I have configured some security policies and service objects on my lab environment which consists of VM-100 Firewall for ESXi running PAN OS 8.1.0. Can I export my settings to production environment which consists of 8 ESXi hosts, Panorama an
...
Hi All,
I configured the implicit deny (Universal Policy) policy at the bottom of security policies but after that, I could see that some of the Intrazone access got denied by the implicitly deny policy.
How we can achieve the Implicit deny policy wi
...
We have server reachable via Public IP say on port 13001 and 13002
We have Security rule
Source any
Zone outside
Destination 173.82.x.x IP of server
Zone inside
port 13001
Here i have not included the port 13002.
I have correct NAT policy for t
...
Hello,
We need to migrate multiple firewall clusters to Panorama. I read the guides but there are still some questions about objects and IP addresses, certificates, etc...
Once I have migrated one cluster, what about the other ones if they have some
...
Hi There,
I will be greatful if anyone can please help me to understand the below which is taken from https://docs.paloaltonetworks.com/pan-os/7-1/pan-os-admin/high-availability/session-owner.html
We have a requirement to configure OSPF & multicast in a sub-interface of Palo Alto for one of our customers. I would like to understand how it would impact the CPU, memory and throughput and the guidelines and best practices to be followed while con
...
I have a pair of 5220s configured with HA1, HA1 Backup, HA2, and HA2 Backup links in use. All HA links show to be up and running. I have left all of the other knobs for tuning link and path monitoring off, taking all of the defaults. No preemption,
...
Hey all,
I've just updated the global protect version to 4.1.8
In the docs, it says that the client supports linux.
I've followed that doc:
https://docs.paloaltonetworks.com/globalprotect/4-1/globalprotect-app-user-guide/globalprotect-app-for-linux/downl
I am currently looking to upgrade my HA pair of 3050s from 7.1.10 to 8.1.6 and per Palo Alto's best practices guide, it is recommended to upgrade to the latest maintenance release prior going to the next major one. As it stands per that best practice
...
Hi there! Has anybody had the chance to play with PAN OS 8.1.5 yet in Production? Are there any noticable issues? I've been locked into this killchain of bugs ever since we made the leap to 8.1.0, and I'm just wondering if this build will be the "sta
...
Hello,
I'm trying to configure double NAT rule (SNAT + DNAT) using Panorama 8.1.4 managing PA 5220 devices running PanOS 8.0.14.
I can valid / commit configuration on Panorama, but when pushing config to devices I get following error message :
For some background: We recently impelmented a data protection strategy within our organization and would like to restrict the Global Protect remote access VPN service only to domain-joined laptops. Since all our endpoints within our environment rec
...
Raido_Rattameis
aleksandar.asta
TomYoung
on:
PA OS upgrade issue and question
aleksandar.asta
