Next-Generation Firewall Discussions

Testing interfaces on Passive Node

Dear Community,

I have a strange problem related to my PAN1410. My FW are build to HA Active-Passive. Everythink works until failover occcure.. after that I lost connections to GlobalProtect.

It seems that I have problem with WAN interface, because w

Rule Order Best Practice

We recently migrated to the Palo Alto Firewalls. I am looking for best practice/recommendations on how to properly order firewall rules. We have all our block rules first (geoblocking, malicious sites, specific apps, etc) up top. But what about the r

SIP/RTP Traffic Issues in Palo Alto Active-Active vWire Setup Causing MAC Flapping In L3 devices

In a Palo Alto Active-Active vWire setup, traffic entering a port on Device A is not supposed to egress from any port on Device B. The HA3 link is typically used to forward packets from the active-secondary device to the active-primary device for pro

How to calculate max concurrent session and new session persecond in firewall

Hi

Please help to calculate ma concurrent session and news session per second in firewall

Not appending new address object in address group through REST API

We have been trying to append a new address object to an address group in the firewall. However, when we use the PUT method in Postman to insert it into the group, it replaces the existing address objects instead of adding the new one. Additionally,

PAN OS 8.1.25-h3 for PA-850

Hello Everyone, 

In one of the branch, we are having PA-850 firewall with firmware 8.1.13 version running on it. Because of the organization limitation, there is no internet on the firewall so we couldn't actively upgarde the firmware version. Now

PA-850 Software upgrade path

Hi all,

A bit confused on upgrading path for PA-OS. We are on Software Version 9.1.9 and are planning on upgrade to 10.0.11-h1. I was under the impression that you would want to download and install 10.0.0.0 first but mix input from other sources.

PA-820 after factory reset | by default User/Pass not working....

PA-820  experiencing an issue by default User/Pass not working   (admin/admin)  here is the logs listed below

Welcome to the PanOS Bootloader.

U-Boot 8.1.1.0-31 (Build time: Apr 23 2018 - 15:16:48)

Octeon unique ID: 03c00051821df31e00c6
N0.LMC0 Conf

Monitoring SD-WAN Tunnel-IF via ping

Hi Guys,

We're looking to connect multiple Palo Alto devices to our core Palo Alto via SD-WAN. In some cases, we have three internet connections at the customer site, each connected through a different ISP.

Our goal is to monitor each tunnel by pingi

Clientless VPN - Application is not accessible

Hello All,

This is my topology I have configured Clientless VPN hosting two application as, paloaltonetworks.com (external-application) and amazon.forest.in (internal hosted application). But i am unable to access the application that hosted insid

10.2.10-h9 Log Display Bug?

In the release announcements at Support PAN-OS Software Release Guidance it says that 10.2.10-h9 is the preferred release but on this page it also says that displaying filtered logs doesn't work properly and points you to a fix in 11.1.5

However th