Terminal Services Agent (TSAgent) for Azure Windows Virtual Desktop?

Has anyone tried, or knows the compatibility / support status of TSAgent on Microsoft's Windows 10 WVD capability in Azure?   We're using it at the moment and are also looking to add user-id to the Palo Alto setup but wanted to check the status of su

Firewall forwarding log to Private IP of Panorama --- failing - (AWS - VM series)

I have an Panorama managing Firewalls (in different region , subscription) -- latched via Public IP.

The firewalls are set to forward logs to Panorama. 

Unfortunately , the Firewalls are forwarding logs to Private IP address (which is failing cause of

Panorama (on EC2) config export to S3 (AWS)

I am design an config backup architecture for all the devices managed by Panorama (in AWS Cloud EC2) , dumping the devices configurations to S3 bucket . Is there anything natively present on this VM-series to utilize for this ? 

++@jmeurer , @BPry  ,

Cloud performance ( I know the real answer is it depends )

Hello All,

Just curious what others have seen when it comes to performance/throughput of a cloud based PAN. My question is geared towards GlobalProtect and clients browsing off network, e.g. off network clients VPN into the cloud PAN and browse the in

AZURE ILB healthcheck Fails because of MS Public IP (168.63.129.16)

Hello,

I'm setting an Active/Active PA design with Azure ILB for traffic balancing, my backends are PA firewalls on each of their interfaces (I'm using 6 interfaces)

Azure ILB uses the same Public IP to monitor health status of all the backends https:

Can we advertise an IP of /32 from Palo Alto firewall to TG (Transit gateway) of AWS via BGP route advertisement

Loopback is configured on router in at a HUB  site and we want to ping the IP of  an instance in  VPC-1.

We are advertising the loopback IP (/32) from HUB site as shown in the above diagram. Loopback will be advertised from  Hub site to TG (Transit g

Azure VNET peering

We are going with hub and spoke model, PA being the hub. When we peer a spoke VNET with the hub does the subnets in peered spoke also go through intrazone rules.

Spoke-vnet - (subnet1, subnet2). 

Would subnet1 <> subnet2 communication pass through int

SSL Decryption Inbound Inspection

On AWS we have deployed Application Load balancer after firewall. Can we configure ssl inbound inspection in this case?

Will it work properly, whic certificate we have to import on firewall, server certificate or ALB certificate?

Source and destination both NAT required for inbound connection on Azure...

Hi Team,

On public cloud Azure, why we need to translate source address also for Destination NAT?

When i am translating source with trust interface IP it is working fine but when i am keeping the address as original it is not working. 

Kindly let me kn

Strange issue- VM-Series Ext interface with Elastic IP in AWS not reachable. (outside test PC reachable)

I am trying to POC a scenario for my customer in AWS with dual Palo Alto in HA within same availability zone. (We need to build a site to Site VPN tunnel from on-Premises to AWS Palo behind IGW)

I am facing a strange issue. I an not able to reach the

Website is slow when put behind vm-series 300

We have deployed vm-series 300 in AWS recently and put our production site behind it, but we are seeing a performance degradation, the website is taking around 2-3 mins to load for the first time which normally it didnt take, we have not put any url

Cloud VM Series disconnecting from Panorama after commit & push

Hello,

I had 2 VM-series firewalls running 10.0.3 in AWS which I had connected to my on-prem Panorama also running 10.0.3.

All looked fine until I made a change to the security policy and executed a commit & push to the VM's.

After this the Panorama com