IPSEC VPN

I am working in a lab with VMware virtual machine and when I do VPN it throws the following error: ike phase 1 negotiation fails as initiator, main mode failed SA: 192.168.1.1[500]-203.0.113.40[500]Due to time. 

My firewall B is on another machine

Query regarding the Log Collector Disk Backup

How to take the backup of all the logs which are currently stored in the Log Collector disk (Approx. 300GB of data over 1 year). I have tried the export of logs from the Monitor TAB in CSV format but it's a really massive task to individually downloa

Python - Check Panorama Template - Certificates expiration

Hello everyone, I hope you are doing well!

We had an issue with certificate that as expired on one of our customer's device.
I know it exist this Github : https://github.com/ip-life-net/palo-check-cert-expiry and it works flawlessly with one device

When a firewall configuration migrated to the panorama, objects tab configuration imported as a shared object and got impact with other firewalls.

Hi team,

While integrating a firewall into the panorama, I imported as a Device >Setup >Operations >Import device configuration as Panorama. The firewall configuration in the objects tab was imported as a shared object and impacted the other firewall

Panorama read only tunnel interfaces?

Hi

I have a Panorama appliance and i am configuring our firewalls for global protect VPN, but i noticed once i pushed out the config for the gateway, it fails as the because it says the tunnel interface doesnt have a virtual router! 

I checked my con

localhost 31377 erno 111 connection refused

I made a configuration change on panorama.

commit to panorama fail

I checked the plug-in and only the sd_wan 2.02 plug-in was installed

No other plug-ins are installed.

My revert to running panorama configuration failed to solve the problem.

Panorama sessions in ACC view show much higher session counts than the session count on the firewall

Hi all, a bit of a mystery one here. can anyone explain this?

For example, "show session info" on the firewall cli and Dashboard GUI currently shows about 

but in Panorama under ACC

We're showing more like 500,000 connections!?!?!?

Can anyone e

Panorama Log collector

Hello,

I would like to know on a single log collector can you set up several profiles that send the logs to different servers depending on the source of the logs? 

We have several Firewall clusters on the panorama and we want to be able to send t

Unable to Add URL-Based External Dynamic List as Destination in Policy-Based Forwarding Rule on Panorama

I am attempting to use an External Dynamic List (EDL) with a URL-based list as the destination in a Policy-Based Forwarding (PBF) rule on Panorama. However, when I try to add the EDL as the destination in the PBF rule, I am not able to see the URL-ba

error: certfile should be a valid filesystem path

Hi Team,

I am trying to automate palo alto version 10.2.3-h2. Initially I tried to use Ansible: palo_security_rule module to push a security rule to palo alto, but I got error "hip_profiles unexpected here". The workaround for this error as looked up

Update steps RMA Replacement Firewall for case 2: Old device is still connected to the network and firewall is managed from panorama:

The following KB missing steps for version 10.1 as authentication key had introduce for this version onward

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000Clkn

Based on case 2 : 
if follow the steps provided the replaced