Hi There
We have two PA-220-ZTP Firewalls with PanOS: 10.2.3 and in Active-Passive configuration
On the passive firewall we see Packet Buffers on Data Plane filling up over time. The active firewall doesn't have this issue. I've just rebooted the p
...
Hi guys,
I have 2 PA firwalls in HA, and since couple days, when i try to ping one firewall interface from a router(like 1000 ou 10000 packets) i got packets drops in icmp(2 to 3% loss packets)
Hi All,
We have 2 Palo alto firewalls in HA mode (Active-standby).
Palo alto mode: PA-3220
OS Version: 10.1.6-h3
We create Unique certificates (for management, interdevice) in each firewall with hostname. After some time, the certificates in seco
...
We just installed SSL decryption ( not self signed) across our PANs. It is working fine with Windows workstations at office and at home. However, with MAC machines it is working inconsistently when at home and connected to global protect. Some site
...
I am working a migration of a Cisco ASA Firewall to Palo Alto and the NATs are confusing.
Here are a couple of the NATs:
(Outside) to (Vendor) source static 10.5.1.0/24 10.5.1.0/24 destination static (10.24.49.47 & 10.24.49.46) (10.24.49.47 & 1
...
Hi All,
I installed User-ID Agent on the Windows DC, and it is working somewhat successfully. For some odd reason it recognizes the users from our domain but on the app's monitoring tab, where I can see the IP-User correlations, sometimes the users
...
Hi team,
Is it possible to change the way Palo Alto links a group on AD? From CN to SID??
Cheers,
I'm experiencing an issue with internal users unable to access some banking websites/URLs. Users can access these sites over the VPN (Global Protect) but can’t access these sites from the office/Internal.
I then created a URL Filtering category (ad
...
Hi,
I would like to know if IKEv2 phase ia compromise because of weak encryption in proposal, malicious user can access to all data sent across the VPN connection, which may include passwords and sensitive file ?
Or
Malicious user only know phase 1
...
Hello!
I want to send webhooks from paloalto 5220 (panos 10.2) to google chat (about the commit). I found the following document https://live.paloaltonetworks.com/t5/log-forwarding-articles/pan-os-8-0-http-log-integration-with-slack/ta-p/172093.
But I
Hi guys
I am a bit lost in our own network...... We have a PA-820 Cluster in active-passive mode. It is running for maybe 7 months now. Each firewall has 2 uplinks to our 2 core switches and 1 downlink to the access switch (with subcontractor on it).
...
DHCP allocation is showing blank on Palo alto on version 10.1.8. please suggest
Hello,
We have a problem when trying to delete vsys1 from the FW. Customer enabled multi-vsys and they had two vsys configured. Right now, due to topology changes, vsys1 is no longer required so customer would like to delete that vsys.
The thing
...
Hello all,
Customer has a problem were their PaloAlto suddenly declares all neighbors adjacencies down, after that the PaloAlto will do a grateful restart and the OSPF neighbors will change to init, and then go full again, this OSPF flapping lasts
...
Hi,
I've just been reading about the new proxy capabilities with PAN-OS 11.0.
I could find any mention about ICAP support. Is ICAP supported?
Thanks,
Ben
PavelK
on:
intrazone default
OtakarKlier
on:
Multiple L2 interface with same vlan tags
aleksandar.asta
BPry
on:
Certificate installation on device through remote system via REST API
