Is my upgrade the cause of a vlan not working

After I upgraded my palo alto fro 7.1.15 to 7.1.16 I had a report that a certain vlan can not longer access the internet.  I have a back up of the config before the upgrade and one after the upgrade and so far I don't see any change in virtual router

Arp getting time out after 30 min on sub interface

We are facing some starnge issue .

We are having an ISP which is connected to sub interface.

We are trying to repalce it with new one. Same Subnet /29 but different IP. NAT rules also same because same subnet.

The issue we are facing is when new ISP con

Static Routes

We have a Cisco ASA that has tunnels to our branch offices.  An Example is 192.168.9.0/24.  The local network is 192.168.10.0/24.  The lan port of the ASA is 192.168.10.10.  The lan port of the Palo Alto is 192.168.10.1.  When I change the gateway to

MineMeld and ELK

Hi all,

I'm having some trouble parsing MineMeld events into Logstash, and then into ELasticSearch. Does anyone have any resources available for this kind of set up?

Bad Gateway Error - Minemeld Not Running

Hi All,

My Minemeld instance seemed to randomly break and I'm not sure why. When I try to login I get a bad gateway error and the EDL URL's give the same message. Here are some log snippets:

minemeld-engine.log:

2018-05-11T06:25:45 (4222)base.s

password policy has locked out the admin

Is there a way to have an email warning if a password is going to expire?  One of our palo alto (which is stigged) has locked every user out.  This includes the emergency and admin accounts.  I guess, now the only way to get back in is to to in via t

GP with HIP feature doesn´t work after upgrading Kaspersky to version 11

I´m using a HIP profile to check if antivirus real time protection is enabled in the PC, everything was working properly until upgrading Kaspersky from version 10 to 11. I cannot connect with GP anymore. Does anyone have the same issue?

"resubmit hos

Missing ikemgr.log

I wanted to delete the ikemgr.log.old, however, I deleted the ikemgr.log

Now no vpn logging is available anymore. I already restarted the management plane. No luck.

Does somebody know what to do?

Any Any Rule

Many times I have seen that engineers used to allow any rule during troubleshooting and forget to remove which creates problem in audit and compliance check, is there any option so that engineers should configure rule with any in source/destination/p

Controling East-West traffic without NSX

Hello,

In a "Supported Deployments on VMware vSphere Hypervisor (ESXi)" section of the documentation (https://www.paloaltonetworks.com/documentation/71/virtualization/virtualization/set-up-a-vm-series-firewall-on-an-esxi-server/supported-deployments-o