on passive PA we are seeing
( description contains 'No synching file to peer because local state is not Active (Passive).' )
is this normal?
Hi All,
I have a PA3020 with 7.0.5-h2 PAN-os version.
I have tried different times to sync manually the running config on passive member without success.
I can clearly see from the Active Member's "ha_agent.log" these errors:
=========================
(
...
I've used MineMeld in the past and I've been very happy with all of it's functions. Recently, I've started a new job and I've recommended MineMeld as a solution to get O365 IP's into the firewall for writing policy. Microsoft announced on April 2nd
...
I need to rename a whole bunch of firewall rules (Security Policies).
Ive done a search here and looked in the manual; I think I know the answer.
I can change Firewall / NAT rule names as needed? There will be nothing else I have to change right? This
...
Hello,
We've recently enabled safe search on our PA-3020 and noticed that whenever you do your first google search while on google.com a quick block page pops up and almost immediately goes away. Is this to be expected behavior when safe search is en
...
This link (https://www.ietf.org/mail-archive/web/tls/current/msg27066.html) says that PAN-OS 8.1.4, PAN-OS 8.0.14, and PAN-OS 7.1.21 will fix a TLS issue. I don't see any mention of this in the 8.1.4 addressed issues page though. Do we know this is
...
Hello - I'm looking for some way to force AnyConnect VPN users to go through the PAN which is on the inside for URL Filtering.
A couple of caveats:
- Can't move to GlobalProtect because of ISE integration with AnyConnect.
- Want to use PAN for URL Fi
...
Hello,
Scheduled Device Config export is only exporting local running config from the managed devices(same as export config snapshot done from device) and not panorama pushed policies,objects and network templates. While this may appear as an expecte
...
Now that we have newer features like static route path-monitoring, is there a new recommended configuration for Dual ISP with VPN failover? I'm thinking SiteA (Dual ISP) to SiteB (Dual ISP) with IPsec VPN both using a single VR.
I assume it will be
...
Dear Friends,
We are facing a issue that currently we are unable to console to firewall device. But traffic is passing through active firewall. Status is HA1 backup= Down
Please advice
Thanks,
Lakshitha
is there any way i can find from cli or from web gui that confirms my PA is sending all telemetry data ?
any where in PA cli i can find the logs or data send to Telemetry?
where it send this data to?
is this function performed by the MP of the PA
...
I have a URL filter profile with a list of URLs set to block (under Objects Security Profiles > URL Filtering), which is applied to security group profile.
However none of the URLs are being blocked.
Is there something I should check to confirm this
...
Hi
We have a server, from where the user wants to go to, for example, abc.xyz.com.
The certificate from the website xyz.com has a CN *.xyz.com.
We dont have decryption for URL Filtering. In the URL Filtering category, we have allowed abc.xyz.com.
The u
...
We are configuring global protect.
The scenario is we use one armed global protect, because we have it connected behind our ASA firewall with functions as boundary.
As we have several scenario's we want to use the client and clientless version.
For th
...
Hello,
On the Tasks, I found Wildfire update failures.
How can we resolve that?
Raido_Rattameis
OtakarKlier
on:
Unable to ping website, getting this site can't be reached
BPry
on:
PCNSE certification, how to get an online training fully covering all the possible questions
reaper
on:
What does ch mean in PA-VM-OS Software?
