BGP Peering Issue

Hi All,

I have an issue with maintening a BGP Establish connection. Essentially the setup is the Palo Alto to two peers to allow for resilience if one BGP peer fails. If one peer is established it stays stable. If I enable the path to the second peer

Duo SSO With GlobalProtect Client Connection Not Getting Established

I’m encountering an issue with our GlobalProtect VPN setup, which uses LDAP for user authentication and DUO SSO for multi-factor authentication (MFA). The process works as follows:
1. Users launch the GlobalProtect application.
2. They are prompted to

Shared Content Preview

Working on a 1410 and while everything appears to be working correctly, I noticed if I export the configuration in cli in set format, I have a number of lines that start with:

set shared content-preview application

The firewall has never been man

couldn't able to renew the self-signed certificate in palo alto firewall

Hi Guys

I'm facing issue while renewing the certificate in palo alto firewall (PA3220 Version 10.1.6-h6) its giving me error is file to write issuer certificate components to disk.

I have check the disk space sh system disk-space

show system disk-space

Blocking the opening of all emails except company emails

Hello,

How should I proceed to prevent all emails except the company email from being opened?

Secondry ISP not able to ping form external.

 I have two ISP connected to my firewall.
1. ISP1 is in untrust zone and default route configured metric value is 10.
2. ISP 2 is in WAN1 zone and default route metric value is 15.
3. Both ISP are in same virtual router.

I am facing one issue i cannot

PA440 Upgrade/Downgrade from 10.1.8 to 10.2.7-h3

Hi guys,

I was trying to upgrade PA440 on my lab but it was failed. (10.1.8 -> 10.2.7-h3)

The following message was output.

==

Operation Download

Status Completed

Result Failed

Details

Successfully downloaded

Preloading into software manager

Trac

configure ha in different locations

hi,

I have 2 palo alto and I have them in different buildings and I want to set up an HA between them how can I do it without just pulling a direct cable I want it to go through the network infrastructure.

Kind regards

Tunnel Interface IP Address Requirement

Hi everyone!

I am a new learner for Palo Alto 

 I want my Remote Network to reach my HQ Network via GP.

I am kind of confused whether when I am going to use IP Address to my tunnel interfaces, either on IPSEC site to site or Globalprotect depl

FW specific rules from the Panorama shared policy

Hi All,

Using Panorama (10.1.x) with a number of managed FWs
we have a shared pre policy, parent pre policy and child policies with pre rules configured within.

goal - in event of a security incident on a branch location we want to have a pre-defined

Replacing the FW serial number in Panorama with a new one

Hi,

What is a reliable way to replace the FW serial number in Panorama?

We had a problem uploading a new license because the FW serial number did not match. Palo Alto TAC solved the problem, but the serial numbers changed, which caused the FW to