Ghost session after VPN down/up

Hello,

I have an issue with many sites working with PA440 series. When the tunnel VPN fail down and comes up, some devices like printers, phones and access point can't connect normally to the network until that we clear old session related to the a

Question about REST API in PAN OS

Hi everyone,

I have a question about REST API in PAN OS.

1. When a query is generated using rest api in pan os, what is the process/daemon that handles this task? And how can I check it (from CLI or GUI)?

2. How many CPU/memory resources are co

What are the response steps to be taken in the event that DDoS is detected on the Palo Alto ?

Hello All, 

What are the steps to be taken in the event that Panorama detected some threat events in the category of DDoS. What should be the next steps to be taken from our end as someone managing the Panorama? This is from the viewpoint of Incident

Generate Certificate to be Signed by Public CA for Global Protect VPN

Hi All,

We would like to use our GlobalProtect VPN using certificate signed by Public CA.

As the CA team is requesting to generate CSR from Palo Alto Firewall , can I follow below article to generate?

https://knowledgebase.paloaltonetworks.com/KCSA

Service Route in Palo Alto | Role based authentication | Running & Candidate configurations | Backup configurations

In our series of Network Security from Basic to advanced theories & practical discussion, today is below target

•  What is the Services Route & how to configure it
•  Role base user management, authentication & creating users to assign rights, etc.
•  Runn

Palo Alto with Cisco router, GRE goes down

Palo Alto with Cisco router, GRE goes down after enabling the keep alive in Palo Alto side,

note that the GRE tunnel goes down from the Palo Alto side but still up from the Cisco side, but there is no ping reachability from both side

Does anyone have

Push to devices failed reason SSL handshake fail

Hello Team,

recently we are unable to push config changes to devices from Panorama (version 10.1.6-h6), it fails with this error message: Panorama connectivity check failed. SSL handshake failed, reverting configuration

Any suggestion?

Regards.

PA5450 Management ports Hardware suggestion

I am using PA5450 device and want to know the copper module for the management  ports. Any body use copper module or we have to go with the Fiber SFP ?

Custom URL filtering policy

we created two custom policies where some listed URLs or domains will allow on specific workstations and others will be denied. After implementing these policies we found that listed allow list URLs or websites can be accessible but end users only ca

PA-820 Interface configured but down

As the title states. I have an interface on PA-820 that shows "configured but down". 

This is really silly but I know the interface was "switched off" by another network admin. Under Advance --> LinkState is set to Auto already. 
There is some other s

System Alert opaque: failed authentication for user ''. Reason: User is not in allowlist. auth profile 'GP', vsys 'vsys1', From: "public IP"

Hi,

I've been receiving many system alerts with the message:

opaque: failed authentication for user ''. Reason: User is not in allowlist. auth profile '', vsys 'vsys1', From" "Public IP"

eventid: auth-fail

It looks like these public IP's are tr

Zone types | Interface Types | Tap mode | Virtual wire | Firewall Migrations

The series of IP Network Security from Beginner to Expert Both conceptual & Practical, has some fundamental topics we already covered in previous articles, today we will explain below topics

•          Interface & Zone Types
•          L2/L3 and Tap
•