Palo Alto 5250 - Configuring HA between vsys

Hi, 

Is it possible to configure two physical Palo Alto 5250 in Active - standby mode while distributing the load for Vsys across both the physical firewalls. 

For eg.

I have two physical firewalls - PA1 & PA2

I have 6 vsys in each firewalls - Vsys1, V

ECMP Config for 2 Internet links Site (Dual ISP)

Hello Everyone!

Site with 2 X PA500 in HA

2 Internet Links

PANOS 7.1.16

ISP1 - 187.190.74.22 (internet dedicated)

ISP2 - 192.168.0.66 (DSL link)

Config done

Virtual Router 1 - RT-LAN

Virtual Router 2 - RT-WAN

@RT-LAN

0.0.0.0/0 points to next VR "RT-WAN"

@R

Problems after RMA

hello

After RMA the device we had prepared new device.Updated software and APPs and Threats signatures and also other signatures

Then imported the old config.But there are many problems.First time after time it is impossible to update dynamic updates

Connecting to Management GUI remotely on a different port.

I have a PA500 offsite that I manage remotely by connecting to the outside interface IP address, let's call it 188.1.1.1. My issue is I want to also set up a Global Protect SSL VPN gateway and the only IP choice it gives me is the outside interface 1

SNMP aged out

Dear Guys,

I have a WAN router where we are trying to do a SNMP read only, but it keeps saying aged out. 

we have different devices as well which are working but SNMP on this router doesnt seem to be working.

How can i prove that it is not the issue w

can we send bro ids log to qradar Ibm?

hello every body , i have a project when i shall send the bro ids log to qradar Siem ,i want to know if it is possible or not

Is there a minimum upload and download speed required for Global Protect to operate?

I have a group of users that use Sprint and Verizon hot spots in order to establish a VPN connection from a remote location to our corportate network using the Global Protect Agent. Some of the hotspots are experiencing a 2-3 Mbps upload and 2-3 Mbps

Qradar couldn't connect MM Taxii output

Hi Guys,

It seems issue happend at Minemeld side.

This is error from Qradar Threat Intell app "There is a problem connecting to the TAXII server. Verify that the TAXII server is available. Get list of collections failed."

This is error from Minemeld

Slow throughput on newly installed PA-820

Hello all...I have a newly installed HA pair of PA-820.  Our ISP circuit is 50Mbps/50Mbps.  Testing from a LAN pc, I am only able to download a max of 14Mbps using speedtest.net or speakeasy.net.  I have called Palo Alto support and they suggested se

User-ID redistribution from captive portal user-mappings

Hi All,

We're collecting user mappings from multiple sources, AD/Exchange, XML-API and Captive Portal and we've just set up User-ID redistribution to share it among various VSYS'.

All seems to be going well and user mappings created via AD/Exchange a

PAN-OS 8.0 Upgrade Blocking Nexflix

I recently upgraded my home PA-200 to PAN-OS 8.0.1 from 7.1.7.  All seems fine, except that from two Samsung smart TVs Netflix streaming is affected.  A diagnostic test on one of the TVs shows that the app is able to connect to 1 of 4 Netflix servers

QRadar Fails to populate CIDR value in the Referenceset while polling from minemeld

Zone available in template stack but not available in policy

Issue Description

 Specific zone which created in global template is available in one stack but unavailable in other, though this global template is part of their stack.

Config details

Each firewall has their own stack, template and 1 common global tem