PA7080 Bonded Mgmt interfaces failover issue

I am having an issue with a pa7080 connecting to an ex4300

Port map: PA7080 >>> EX4300
Mgmt A=Eth0/1<===>ge-1/0/1 Up/Up (MAC table entry)
Mgmt B=Eth0/2<===>ge-1/0/2 Up/Up (No MAC table entry)

Both interfaces show as UP/UP but only one is passing traffic

Request for confirmation of issue IDs regarding version upgrade from PAN-OS v10 to v11

Hello community.

We are planning to upgrade our PAN-OS from 10 to 11.

As we upgrade, we would like to know if there are any detailed conditions that cause problems with the following Issue IDs, and how to work around them.

・PAN-286848
・PAN-254240
htt

Software EOL 10.2

10.2 is listed on https://www.paloaltonetworks.com/services/support/end-of-life-announcements/end-of-life-summary#pan-os-panorama as having an EOL in August followed by a limited support EOL in 2026.

It's notated as continuing to be supported on ce

Palo Alto Networks Cloud NGFW Sentinel Integration High Level Architecture

Here is a reference architecture illustrating North South traffic inspection scenarios when integrating with Microsoft Sentinel

PANOS exposure API?

Anyone know of an API exposure of the information presented by 

Security Advisories | Palo Alto Networks

and/or

Palo Alto Networks Security Advisories

The goal is to be able to maintain a database of exposures and affected products/versions suitabl

Load balancing using ecmp

Hello All,

Configure load balacing between 2 isp router following below link using ecmp protocol. Now we have below requirement

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClF8CAK

site to site will be from secondary isp l

Palo Alto T-Q28-100G-S4 and PA-5450 with PAN-PA-5400-NC-A

Hey everyone,

I am working on a project to integrate Cisco Catalyst 9500/Nexus 9300 switches with Palo Alto PA-5450 with PA-5400-NC-A cards using 100G QSFP transceivers. Specifically, I was testing with below transceivers.

• Cisco QSFP-100G-SR4-S

Palo NAT Question

About the setup:

1. Both DC's are connected to partner via IPSec tunnel

2. Always prefer DC-1 & use DC-2 as backup

3. Panorama mgmt IPs gateways is on core switch

4. Palos point traffic to mgmt subnet towards core switch

5. Vendor access panorama using 3.

Azure VM-300 Firewall subinterfaces and multiple VNETs

I am running a VM-300 series firewall in Azure. I currently have 4 interfaces on the device (management, HA, untrust and trust). In Azure I have 8 VNETs. I would like to send all VNET to VNET traffic to the firewall for inspection and policy applicat

How to block traffic from a specific ASN using DAG

I could use some assistance since AI sucks and gives you the wrong info.

Here's what I would like to do, we already geoblock but I need to block malicious traffic (multible IP ranges) that's associated with a specific ASN.  I've tried creating a dy

IPv6 and TLS 1.3?

I've been having some IPv6 issues (we're a dual-stack setup currently), and it seems like every time I fix one, I find another.

The latest is an issue with some, but not all, IPv6 websites. Sometimes they'll load... sometimes they'll start to load