Did you know that you can help your fellow community members by accepting solutions when a reply answers your question Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature
...
Dear valued Palo Alto Networks customer,
Please be advised that we have a planned service maintenance for the Cloud Services- GlobalProtect Cloud Service infrastructure scheduled from 03/05/2018 4pm PST to 03/05/2018 5pm PST.
We expect the servi
...
Is it possible to use DG layering to solve DaaS Zone issue??
1. Can we create a DG-DaaS whose parent will be ‘DG-AWS_DQA’.
2. Assign Seattle DQT firewall to DG-AWS_DQA
3. Assign Ashburn n future Chicago to DG-DaaS (since it has DG-AWS_DQA as parent, it
Is it possible to use DG layering to solve DaaS Zone issue??
1. Can we create a DG-DaaS whose parent will be ‘DG-AWS_DQA’.
2. Assign Seattle DQT firewall to DG-AWS_DQA
3. Assign Ashburn n future Chicago to DG-DaaS (since it has DG-AWS_DQA as parent, it
Hello All,
I have a design issue to mull over, and one of the options is to look at having ipsec tunnels between vsys isntances on the same box.
So, I have vsys1 as my default vr, what I may need to do is turn up vsys2 and have certain traffic in vsy
...
I'm attempting to factory reset a PA 200 that was on the spares shelf.
The unit appears to be stuck in Miantenance mode, every reboot command boots in maintenance mode.
I attempted to execute the factory reset and the message I get is:
"No curren
...
We have two vpn Palo Alto devices.
One in our HQ departement and one in a remote location.
I need to setup an IPSec VPN tunnel between these sites with the Palo Alto devices but I never did this before.
On the Palo Alto website I found this article whic
...
PA Best practice says you should have your rules documented on the rules and some where other than your rule base. Anyone doing that? and if so how
Hi,
I have a strange scenario here. To summarize, I had previously configured GlobalProtect on a Palo firewall and configured the Palo to redistribute that network range on the tunnel interface into OSPF. This worked without any problem.
Now, the IP a
...
Hi,
we have to build monthly PDF reports with nice graphs like Pie&Line Charts for the management. Unfortunately PDF summary reports are the only one which contain graphs (despite the ACC Widgets) and are generated only everyday. Is it possible to ge
...
I have two firewalls previously on HA (Active-Passive mode). We had to shutdown the passive device due to some troubleshooting. Then we had to roll-back the config of the active PA.
Here's the current setup. (HA links not yet cabled)
Active PA - lower
...
We have an agentless User-ID setup. Firewall is able to pull user accounts from the AD.
User-ID based policies were created on top of IP-Based policies.
However, some user traffic can be seen using the user-id based policies, some users can be seen us
...
Hi, so I've configured a new L3 subinterface on an existing L3 interface, both with IP addresses and I thought it was going to work. I've got a PBR rule in place on the previous hop, a HP switch, which diverts some traffic to this new subinterface. I
...
could anyone please advise a good way via cli to debug certificate authentication.
I have followed most of the log files but cannot find one related to GP authentication.
many thanks in advance...
Hi All,
Does anyone has any idea on how to list just the name of device groups in panorama using the api
if i do the following path:
https://mypanorama/api/?type=config&action=get&key=<my key>/config/devices/entry[@name='localhost.localdomain']/devic
...
PavelK
on:
Web Auth FW with HA
reaper
on:
Negate Deny Rule
BPry
on:
SFP Compartibility for HA on PA - 850
OtakarKlier
on:
Management Interface down
PavelK
on:
check Panorama Hardware reload/facing Panorama hardware reload after commit firewall policy to Palo firewall (
