How to Set Different Source IPs for Specific Syslog Servers

Hello,

I am currently using PAN-OS on a PA-3420 device and looking for a way to configure it to send logs to specific Syslog servers using different source IP addresses. The standard Service Route configuration seems to use the same source IP for all

Question above Forward Proxy Decryption implementation

Greeting all,

I've tinkered with Forward Proxy Decryption a bit in the past and I want to revisit this for a limited rollout to our servers at least.  My previous experimentation into the feature was for a Windows client so I understand the basics

Palo Alto user account

Hi

Our customer has a PA-440 firewall deployed with HA and we have a request about the creation of a user account that has a full access to the device over Web UI but it can't change delete or change password of admin account 

is it possible ? an

Firewall PA-460 Redundant Power Alarm

Hello, i have appliance Firewall PA-460.

i do the testing power with this device.  i had read the docs below.

Interpret the LEDs on a PA-400 Series Firewall (paloaltonetworks.com)

Replace a Power Adapter on a PA-400 Series Firewall (paloaltonetworks.

IPSEC Tunnel Down, All configuration is okay

Hi,

I have created a site to site tunnel, both devices are Paloalto firewall; One  Firewall is PA 820 and another one is PA 410

All the configuration is okay but tunnel is down.

We are ping public IP of PA 410 from PA 820, But Not able to ping publ

no_matches error

Hello,

I am having a problem accessing the Palo Alto cli/web.

I recently took the trial version of 30 days, but I always come across the following message when trying to log in.

"cfg.general.need-acknowledgement-to-login' no_matches".

I've lef

Test

test

Palo Alto Login issue though GUI " ERR_SSL_KEY_USAGE_INCOMPATIBLE " (Solved)

For the last few days, we have been experiencing an issue with logging in to the Palo Alto Firewall through the GUI. We are getting the below error from the browser during login.

Issues in PAN-OS 10.1.13

Dear All,

Did anyone installed the version 10.1.13, Can you please share your feedbacks regarding this version.

Device Telemetry is Showing Invalid Regions

Hi Friends,

Recently one of our customer has faced some issue in their firewall internally due to which they had to perform a factory reset.

After getting back the device up and fine we found a issue where commit is getting failed with Invalid Tele

Palo Alto - previous software disappeared after uploading 11.1.0-h3 version

Hello,

I wanted to update out Palo Alto 440 to a newer version and manually uploaded the 11.1.0-h3, however afterwards I can't see the previously uploaded softwares. When I checked in cli, they show up but with size 0 and I can't reupload any of them

Should I override the intrazone-default to deny?

TL;DR: yes, almost always.

We've had plenty of discussions on the behaviour of this default rule, and published Security Policy Rule Best Practices (paloaltonetworks.com) which provide guidance for logging. We've even discussed the results of these