rulebase -> security -> rules -> permit_common 'permit_common' is already in use

After importing configuration and after clicking on commit I get this, who know how can I solve it
rulebase -> security -> rules -> permit_common 'permit_common' is already in use

Thanks

PPPOE authentication with Plusnet FTTP not working

Hi I wonder if someone can help with this issue, it's a weird one I have a PA-220 firewall connected directly to the ONT provided by BT and I am trying to get FTTP broadband working using PPPOE, the interface on the PA-220 that is connected to the ON

Having issues with ipsectunnel after upgrading FWs(5260s) to 10.1.3

Hello Palo Community!

I have a a couple of ipsec tunnels connecting to a cloud vendor providing ERP services to our users. Since we upgraded our FWs to 10.1.3 a couple of weeks ago from 9.1.10, we are having issues with connection slowness, timeout

intrazone default

Hello,

I am observing that tcp connection between two hosts remaining in the same zone are not able to establish TCP connections [htts], while ICMP is successful. Tracing the traffic it shows up as application incomplete, rule intrazone default is hi

provide temporary internet access for some systems at specific period(1day)

our requirement is that temporary internet access systems want to remove automatically after specific period. any options available in Palo Alto?

Multiple L2 interface with same vlan tags

Hello All

We are migrating our fortigate firewall to palo alto. Fortigate is configured in transparent mode

Currently we have 2 networks and both network have same vlan ID and subnet range.

We plan to configure L2 interface on Palo alto then add

Network monitor shows huge traffic spike, but can't find traffic details

Hey folks.

I had a situation today whereby one of my PA's was responding really slowly across IPSec tunnels and for Global protect clients - so once I could get onto it I started digging into the network monitor to see if I could find out if there

SSH Proxy Bock Session with Unsupported Algorithm - What are the palo alto predefined unsupported SSH algorithm and version.

Palo Alto SSH Proxy blocks ssh traffic with error message unsupported Parameters. This is because of the SSH Proxy profile. However where can I find the parameter used for this communication and what is the recommended / supported parameters/algorith

Different telemetry region in ha firewall

Firewall A

Previously Default  Device Telemetry region is America 

After sudden commit fails due to error : 'Americas' does not match lcaas region 'in' 

So i changed the telemetry to india which is present in the drop down.

Now ,

In firewall B vice v

Certificate installation on device through remote system via REST API

Folks,

As we can see on palo public API docs , Seems it does not have REST API support for certificate management.

Is anyone tried or used REST API calls for certificate management ? 

#certificate #REST-API

Impact after Changing the key size setting clears the current certificate cache.

Due to VA Scanner scan my firewall having vulnerabilities of SSL Certificate Chain Contains RSA Keys Less Than 2048 bits .

So I plan to follow below KB to change the key size.

https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/certificate-man