Asymmetry routing and NAT

Attending a class about cloud security - AWS, Its mentioned that we can have 2 different subnets, SubnetA connected to internet gateway for ingress traffic and SubnetB connected to NAt gateway for egress traffic. An this should/have to be done how tr

Palo alto Strata Cloud Push Error

I have been getting following error on Strata Cloud when trying to push the config to firewall

[errors]: invalid auth type(Module: routed)
[errors]: client routed phase 1 failure
[errors]: Commit failed
[errors]: Local configuration size: 14 KB
[errors]:

Decryption: Client and decrypt profile version mismatch

Hi folks,

Have been seeing a lot of "'Client and decrypt profile version mismatch. Supported client version bitmask: 0x08. Supported decrypt profile version bitmask: 0x60. ' errors in the log lately. This article:

https://docs.paloaltonetworks.com/

Can we set data cap with QOS in Palo Alto for an app-id

Can we set data cap with QOS in Palo Alto for an app-id. We would like to put a datacap on the backup to 400GB per month as we have data usage to 1 TB per month. Please advise if this can be done. I am aware we can restrict only bandwidth, please adv

How to Interpret running resource-monitor avg & max

Can anyone help explain and whether my understanding is correct?

avg is the average usage % in the past 7 days
max is the peak usage % at a certain time
Is the overall DP cpu operation normal??
Because max is displayed as 9x~100, it makes people feel

Error in Outlook Email Server Profile

Hi all,

I'm currently experiencing an issue with my connection to the Outlook email gateway. When using Gmail as the email gateway, everything works fine. However, I encounter problems when switching to Outlook.

To test the connection from the

Paloalto security Architect/Consultant - Advice

Hello Everyone,

I've been working with Palo Alto firewalls for some time now and am looking to explore opportunities in solution design, architecture, and consulting.

I know there are many talented professionals here who are already succeeding in thi

SFP Compatible Matrix

What are the compatible PAN model for PAN-SFP-PLUS-SR and PAN-SFP-PLUS-CU-5M

opaque: CloudAuthService Server certificate validation failed. Dest Addr: license.api.paloaltonetworks.com, Reason: unable to get local issuer certifi

Hi, we are getting the following 2 x alerts on the same firewalls, can you please let us know how this can be fixed - googled it but I couldn;'t find a fix:
alert1:opaque: CloudAuthService Server certificate validation failed. Dest Addr: license.api.p

DNS Servers Failure

In the Palo Alto firewall, we are unable to reach the DNS servers. These servers are in the cloud and act as proxy servers as well as domain controllers.

From our VMs, we are able to ping the DNS IPs successfully, but in the firewall session logs, it