Next-Generation Firewall Discussions

Palo alto HA enquiry

Hi guys,

Currently firewall is configured in HA active/passive mode.

We are trying to find out if we are able to change the HA mode to active/active.

What are the impacts and requirements if decides to change the HA mode.

Firewall security managing via Zone vs multi layered firewall

Hello Experts,

We are in the process to migrate from our current firewall (enterprise network)  platform to Palo Alto. Current firewall infrastructures are layered hardware like one pair for perimeter, one pair for business network (internal), one pa

Bidirectional PIM Support

Hello everyone,

Does PaloAlto support bidirectional PIM?

I understand that bidirectional multicast means that a device can be both a sender and a listener, and I would like to know if PaloAlto supports multicast communication in PIM-SM where a si

Training for PCNSA & PCNSE

Hello Team,
Hope this finds you all good!! I am looking for PCNSA and PCNSE training. Do we have any official videos from Palo Alto for same? I tried creating account of Beacon but it's not letting me.

Security policy not matching for CP authenticated LDAP users

Objective: Configure Captive portal for non-windows users to authenticate, but use AD credentials through LDAP authentication. 

Configuration performed.

1. LDAP profile, Group mapping settings, server monitoring. (test command authentication is  succe

Palo Alto Admin UI SAML authentication failures

A few months ago, a failure occurred with SAML authentication configured between Azure and Palo Alto for firewall management. It is believed to have arisen from a flaw that occurred with Microsoft in late October and early November.

The issue is that

Issue connecting to GlobalProtect with public wifi

Hi guys,

I'm at a coffee shop and using their public wifi to connect to my company GP VPN. I was able to enter my credentials and MFA. The GP showed that I'm connected, but I'm not able to connect to my company's local stuff and can't browse the inte

Unable to upgrade past 11.0.4-h1

Trying to get to 11.1 but when we upgrade, after a period of time, usually 30-60 minutes after the upgrade outbound traffic begins to fail. We see traffic allowed and going out but 0 returned. We have tried several versions of 11.1 as well as even 11

Minor patch release date for 11.1.8

I have run into a situation when we upgraded our environment to 11.1.4-h7, where from the Panorama, I can not modify existing rule sets with my radius authenticated account. This environment is government, so STIGS are used (this should allay any odd

Phishing email? - Important: Palo Alto Networks Informational Security Bulletin

I just received what looks like an official PA email which suggests I visit (which appears to be legit)
https://security.paloaltonetworks.com/PAN-SA-2024-0015

For important security information about how to configure my management interface.

Yet when

PA-450 am using getting issue on Port forwarding

PA-450 am using getting issue on Port forwarding

public to private port forwarding 9000-10999

it is not accepting on destination translation 

is there a way to monitor PA 440 HA cluster as one machine in PRTG, if yes how to configure it

is there a way to monitor PA 440 HA cluster as one machine in PRTG, if yes how to configure it

TIA