eBGP to eBGP redistribution

Hello,

In a NGFW how to redistribute a default route received via eBGP on one circuit to another circuit, also via eBGP.

Basically performing an eBGP to eBGP redistribution.

Thanks.

Best regards

Do you know why you cannot check the Block IP list in other models except PA3200 , PA5200, PA5400 and PA7000 Series

Hi

I should look at 'monitor > Block IP List'

However, the tab could not be checked in the VM series and 3400 series.

And after checking the document, I found that only the 3200, 5200, 5400, and PA7000 Series support H/W Block IP List.

Are there

when I configure custom option 6 on DHCP, will it be over rides the primary and secondary DNS?

ADEM for on premises options?

Is this going live with ADEM for on premise firewalls?  It seems the programming is already inside global protect, it's just a matter of turning on inside the firewalls.

Does anyone have a timeline or some info regarding when this will come live for o

Enabling CTD inspection

CVE-2020-2035 PAN-OS: URL filtering policy is not enforced on TLS handshakes for decrypted HTTPS sessions

For this CVE, the solution was to enable CTD inspection

May I know is there any impact to the system by enabling the CTD inspection?

Palo Alto unable to resolve its own static entries

Palo Alto unable to resolve its own static entries

When I try ping host abc.com

it says ping : abc.com : System error

How do I fix this?

There is a static entry for abc.com on the palo alto

Using external zone in DNAT policy

Hi Team,

We have 2 VSYS configured to communicate. 

VSYS 1 has 172.25.80.254 zone L3 : DC

VSYS 2 has 172.25.70.254 zone L3 : DMZ

I added two external zone (DC to DMZ) and (DMZ to DC) to allow communication between vsys and also the routing between

Configure PAN OS locally when panorama is down

Hello team,

I want to ask if when the panorama VM is down , and we need to configure firewalls locally, in this case , when we turn on the panorama , how would be the behaviour :

1- Panorama will detect that configuration is not sync and will inher

PAN-OS 10.1.15

Hi Team,

When is the expected release date for PAN-OS 10.1.15.

Path error issue when performing SCP from CLI of Paloalto NGFW.

Hello, I'm currently trying to transfer Stat-dump to NAS using scp by specifying a desired period.

I think the connection has been made since the NAS user authentication step has been completed through the CLI command.

However, an error occurs saying t

DAG object matching app-id as a destination address

Hello there,

I'm reviewing some security policies and came across something peculiar. I'm curious why a DAG would be used as a destination address that matches on app-id and the same app-id in the application field.

Is there any technical behaviour