pa850 spf+ interface speed setting separately

I set pa850 one spf+ interface speed to 1000M,the pa850 report commit fail, "Error,invalid forced speed/duplex for ethernet1/12,interface configuration error..."

in cli mode, the command of setting interface speed is only "set system setting ports-9-

No Internet Access or Cannot ping to global dns

Dear Team,

I have layer two switch which is connected to core switch (layer 3) and created the trunk link between these switched and the core switch is connected to my firewall and created route port to firewall from this core switch. outside my f

MIGRATE ASA Firewall to Palo alto(3410)

We want to migrate from ASA to PA(3410) , we are using expedition tool.

But when we try try to add device in expedition migration tool (v 1.2.34), we don't see any drop down for 3400 series firewall.

Is there any solution for this?

Can I proceed by

DNAT fails to work on PA-VM

Hi PA experts,

    I've been racking my brain to figure out the DNAT problem when doing the tests on PA-VM.

    It should be a very common scenario which is why I really don't get why the common DNAT doesn't work. 

    On PA, the inside interface is

User-id & group information miss mapping issue

Hello,

PANOS 10.1.0 upgrade to 10.1.6-h3

Hi,

  I am at the tail end of upgrading our environment from 10.1.0 to 10.1.6-h3 with one system left and the software install bar has been at 45% for the last 5 hours. The system responds fine to commands, the GUI works, but the install isn't comp

Best Practice for URL policy question

So the scenario is we have an app on a server which needs to access several URLs. My colleague setup a custom URL Category and applied it to the policy, but the problem is this isn't working. From my reading on URL Categories, this applies to web-bro

Network Segmentation

Hi,

I'm working to redifine the global architecture. Currently, we have a cluster of 2 Watchguard but we will migrate to Palo Alto (PA-850). Currently, all vlan are configured on Watchguard but I'm not sure that is the best approach. On my LAB, bas

Software Upgrade Path within 10.1.x

Hi Team,

Planning a software upgrade on PA-5220 from current 10.1.5-h2 to 10.1.6-h3.

Can we upgrade directly from 10.1.5-h2 to 10.1.6-h3 or it has to go 10.1.5-h2. > 10.1.6 > 10.1.6-h3 ?

Thank you in advance.

Best regards,

Darren Chew

Wildfire is resetting the connection

Hi,

I want to know why wildfire is resetting the connection for legitimate traffic. 

Problem with PBF with two ISP and two VR

Hi all,

I have a PA220 managed with Panorama. Very cool mgmt and very powerful. Only the PA220 is a bit slow.

My Situation - I have two internet connections (Eth 1/1 and 1/7) with fixed IP. Both have their own VR and therefore both have a null route.

LED Status yellow for PWR

Hello Guys,

Need some suggestions, Paloalto 5220 or say 3220 while deploying I can see yellow LED in PWR but every other LED's are green.

referred -  https://docs.paloaltonetworks.com/hardware/pa-3200-hardware-reference/service-pa-3200-series-fir

Traffic log action shows allow but session end shows threat

Hi 

I need to know if any traffic log is showing allow and if the session end reason is showing as threat than in that case the traffic is allowed, or it's blocked, and also I need to know why the traffic is showing us threat.

How to add secondary wan pool added in sdwan configuration

How to add secondary wan pool added in sdwan configuration.