Hi,
I have created following topology in PA (10.1.0) virtual lab to test "Layer 2 Interfaces with No VLANs".
Topology :- PC-1 --> L2 INT(None) - PA-VM - L2 INT(None) --> PC-2
I'm unable to establish connectivity between PC-1 and PC-2. Both Ingr
...
Hello,
I am having a problem accessing the Palo Alto cli/web.
I recently took the trial version of 30 days, but I always come across the following message when trying to log in.
"cfg.general.need-acknowledgement-to-login' no_matches".
I've lef
...
Hello Team,
We are implementing Traffic Inspection in AWS using the Inspection VPC , TGW and GWLB architecture. We would need to ensure upon device failure/reboot inflight sessions are not terminated. We use VM Series 11.
The official documenta
...
I needed to modify the earlier question; it was not a BGP keepalive timer, but as mentioned below.
"I wish to edit the BGP timers for Service Connection from Prisma Access. The settings can be viewed from Workflow ---Prisma Access Setup---Ser
...
Hello,
I'm struggling with the integration of new devices, after many tries, I finally removed the new devices, but 2 of the other firewall can't commit anymore :
when I try to push to devices, I've got the following error "Failed to generate selec
...
Good day,
I was trying to update the Global Protect client via the activation from the PA Firewall [Device -> GlobalProtect Client] our users are currently the version 6.1.0-58 but, we wanted to move on into the version 6.2.2, but, it always fails th
...
Got a weird one and I'm on Mac so short of pestering my colleagues reaching out to the greater community while I wait on support to attempt to triage.
GP client 6.2.3 - PAN 11.1.2
GP setup;
We're currently running on 10.2.3-h9 (PA-440's in HA pair Active/Passive) with remediation steps put in place for CVE-2024-3400 and Telemetry disabled.
We attempted to migrate to 10.2.8-h3 as it is listed as a preferred release and fix for the CVE a
...
It was working before but than administrator changes certificate.
Now I am trying to activate GP on MAC 14 Sonoma with latest GP 6.02.
I can open portal IP on web browser with my credentials and download latest GP software.
Authentication with user
...
We're migrating to a new PKI, the Issuing servers are signed by the root and all (3) certificates (Root, Issuing 1 & Issuing 2) are being pushed to the iOS devices via Workspace One. The config is more or less identical to the original PKI (the old P
...
We possess a set of PA devices configured with two ISP lines operating in an Active-Backup setup. Our objective is to permit email traffic to flow through the backup line as well, as we receive emails on both lines. However, we're encountering a prob
...
Dear Team,
Among models using Android 13, kernel 5.4 or 5.15, a certificate error appears to occur when connecting to the GP.
I confirmed with TAC that I need to use version 3 certificate.
However, many customers are using Paloalto's own CA ce
...
Hi,
I’m using 2 active VM series firewalls for outbound sessions with overlay routing, with GWLB and Transit Gateway (TGW) between the Application VPC and the Security (firewall) VPC. This is working as expected.
Inbound connections fail to establish
hello
I am configuring a GP gateway for Radius Authentication
I am using the CLI test authentication command to test
I can ping the Radius host and confirmed Secret
my troubleshooting shows packets allowed by the Security policy
I cannot see any
...
Hi team,
I've set up the Web proxy in transparent mode, but I'm unsure of its functioning. Our Palo Alto device doesn't support WCCP and only allows Inline mode deployment. With only the admin guide available for reference and study, I may be the sol
...
