PANOS 10.1.0 upgrade to 10.1.6-h3

Hi,

  I am at the tail end of upgrading our environment from 10.1.0 to 10.1.6-h3 with one system left and the software install bar has been at 45% for the last 5 hours. The system responds fine to commands, the GUI works, but the install isn't comp

Best Practice for URL policy question

So the scenario is we have an app on a server which needs to access several URLs. My colleague setup a custom URL Category and applied it to the policy, but the problem is this isn't working. From my reading on URL Categories, this applies to web-bro

Network Segmentation

Hi,

I'm working to redifine the global architecture. Currently, we have a cluster of 2 Watchguard but we will migrate to Palo Alto (PA-850). Currently, all vlan are configured on Watchguard but I'm not sure that is the best approach. On my LAB, bas

Software Upgrade Path within 10.1.x

Hi Team,

Planning a software upgrade on PA-5220 from current 10.1.5-h2 to 10.1.6-h3.

Can we upgrade directly from 10.1.5-h2 to 10.1.6-h3 or it has to go 10.1.5-h2. > 10.1.6 > 10.1.6-h3 ?

Thank you in advance.

Best regards,

Darren Chew

Wildfire is resetting the connection

Hi,

I want to know why wildfire is resetting the connection for legitimate traffic. 

Problem with PBF with two ISP and two VR

Hi all,

I have a PA220 managed with Panorama. Very cool mgmt and very powerful. Only the PA220 is a bit slow.

My Situation - I have two internet connections (Eth 1/1 and 1/7) with fixed IP. Both have their own VR and therefore both have a null route.

LED Status yellow for PWR

Hello Guys,

Need some suggestions, Paloalto 5220 or say 3220 while deploying I can see yellow LED in PWR but every other LED's are green.

referred -  https://docs.paloaltonetworks.com/hardware/pa-3200-hardware-reference/service-pa-3200-series-fir

Traffic log action shows allow but session end shows threat

Hi 

I need to know if any traffic log is showing allow and if the session end reason is showing as threat than in that case the traffic is allowed, or it's blocked, and also I need to know why the traffic is showing us threat.

How to add secondary wan pool added in sdwan configuration

How to add secondary wan pool added in sdwan configuration.

Unlicensed device that BPF and Security Policy is not working

Hi all, 

        I am facing one issue for PA-3260 (sw-10.1). This is not unlicensed. PBF and Security Policy is not stable on it. Some time is okay. Some time is not working well.  

PaloAlto base config, not able to commit config after removing vwire references

Hi Folks, I am using Palo-Alto 3260 without panaroma. i want to take base config from it, so we have reset the firewall to factory default and trying to commit config by removing vwire from interfaces and zones. but config is not getting commit and g

Pan OS 10.0 prefered release

Could you please conform Pan OS 10.0 prefered release ?

Google Cloud VPN IKE-SA-INIT packets being dropped

I built a site-to-site VPN between GCP and a PA3250, which is not working. Surely, I'm missing something.

The GCP vpn points to the same interface and IP that other VPNs successfully use on the Palo.

I added a Sec policy to allow the GCP IP and t