Need help on VPN PA firewall to IBM cloud VPN

All,

I am new to Palo Alto World

Really need your Help in understanding how can i create the VPN for the below

1. IBM cloud subnet only 1 subnet so thats okay. 

2. Multiple subnets behind my PA firewall, my question is how to NAT them all to go out?

I

SNMP on Active-Passive HA Cluster

Hello,

I have SNMP configured and working on the Active member of my HA cluster.  i need to set SNMP up on the Passive member, i have made the changes and saved config but it is not working, do i need to commit the config?  if so, would this cause an

GlobalProtect Connection Problems

Hi All

I have had to re-install a user client Global Protect Agent 2.3.3-5 as he couldn't  connect, after re-installing he still cant connect and getting a error message off:

#“(T10576) 02/01/18 13:55:00:745 Debug( 226): CPanSocket::onConnect - retur

How can we manage the Firewalls while Panorama is out of service?

In a scenario with many groups of firewall's centrally managed by Panorama.
The Panorama is running in a appliance without HA.

What we should do when Panorama is outage by a problem and we have to do any change in the Firewall Policies?

Best Regards,

Mar

Decryption policy options explanation required.

Hello Everyone,

I am reading about decryption policy and have some questions in my mind, so looking for some answers.

1- In order to apply the decryption profile, do I need to have action set to decrypt ?

2- what is the advantage if I have a decrypt

Determining failed administrator interface logons from syslog

Hello!

I'm running into an issue. I would like to record failed logons to the administrator interface via syslog but the log format and contents of the logs appear to be exactly the same as those when a user performs a failed login to GlobalProtect Cl...

Traffic in interface tunnel

Hi,

I have enabled QoS in order to limit a tunnel interface to maximum badwith to 50Mbps. QoS is well-applied but the current BW value is not being showed in QoS statistics. What ways are there to know the amount of traffic that goes in a moment thro

How to get the SSL cert (pem format) from Minemeld (On Unbuntu)

Hi Guys,

I would like to import MM cert into Qradar in order to consume feed from MM. where i can get the SSL cert?

Power failure on PA-7000

The PA-7000 Hardware Guide specifies they minimum number of active PS to provide enough power for a chassis depending on the type of power and number of NPCs installed.

For example, if the PA-7050 chassis is powered via 120V AC and has 6 NPCs installe

MS-ISAC Soltra Feed?

Through MS-ISAC we are able to consume a Taxii feed (I believe it originates as a Soltra Edge feed).  Currently this is going straight into my palo as an EDL.

I would like to bring it in through minemeld so I can add other feeds and take advantage

Panorama VM in HA and log forwarding via syslog

Panorama VM in HA setup and panorama mode

Panorama A: primary-active

Panorama B: secondary-passive

Both have a local log collector and both are added to "default" log collector group. In this log collector group, log forwarding via syslog is configure

GlobalProtect on new MAC pc

Hello,

We have installed the Global Protect software (version 4.0.5-8) on a new MAC computer (High Sierra version 10.13.3). However the Connect button is greyed out along with a number of other buttons. The only available buttons are Show Panel / Abo

OS upgrade rollback from 7

I am currently on version 6.1.10 and when I upgraded to it in March I was told by TAC that is was currently the most stable version. I am looking at what it would take to move up to the most stable version of 7 but first I want to figure out the best