Timeout for some connections using GWLB

Hi All

Has anyone else had a play with the GWLB on AWS?

I've here a topology hub and spoke base on this link:

https://aws.amazon.com/pt/blogs/networking-and-content-delivery/centralized-inspection-architecture-with-aws-gateway-load-balancer-and-aws-tra

Azure Network Watcher

Hello,

i want to do a packet capture on a VM interface using Network Watcher for some traffic on our VM-300 series NGFW but our CSP advises this is not possible.  The extensions section in Azure seems to confirm this.

can anyone advise if this featu

Public IPs with NAT in IPSEC

I've got a rather bizarre setup that I'm trying to integrate with a new customer using a vm-series 300 in AWS. I have setup and established an IPSEC tunnel  (that even comes up when we attempt to send traffic over the tunnel). Where it gets complicat

Inbound Traffic to Azure Public Load Balancer

I've become stuck on an issue getting inbound traffic working to a resource in a subscriber VNET behind a transit VNET where firewalls are configured.

I think I'm missing something obvious, and thought I would bounce ideas off of the community here.

Azure LB Static Route and IPSEC failover

I am having the attached topology. I have two ipsec tunnel from two vm series paloalto to same peer ip which is in prisma cloud. 

on trust side I have an Azure load balancer which would send traffic to 2 firewalls and having a health probe as ssh to

Zone Protection profile pushed from Panorama to VM-100 in Azure

Hi all,

I am having recurring issues deploying zone protection profiles for VM series firewalls in Azure, from Panorama templates, revolving around SCTP settings, whenever I try to push the template the commits are failing with the below error -

• Deta

Does the HA Passive PA-VM Firewall forwards the logs to syslog server

Team,

We have the pair of PA-VM deployed in HA A-P mode. The log-forwarding facility is enabled and the logs are being forwarded to the external Syslog-Server.

It is noticed that the Passive node is not sending any logs to the Syslog-Server. Only the

VM firewall HA on AWS

Hello,

We need to deploy two VM series firewalls on AWS cloud in HA. Both firewalls will be in different AZ. I have below questions-

1. Is it possible to do such configuration?

2. If yes, please share any reference guide?

Thank you in advance

Azure Network Watcher VM extension?

Hello... is it possible to install that Azure Network Watcher VM extension to enable traces and packet captures from the PA VM to the Azure gateway?  It would be handy to help troubleshoot connectivity issues between the PA and the GW.  Thank you.

ESXI Server - Inside Host is on Same Port Group as Palo Alto FW Inside Interface and Pings are failing from all inside hosts

I have a ESXI Server with firewall (Inside, DMZ and Outside) zones

Palo Alto has a rule to allow interzone traffice from inside to outside

Palo Alto has NAT configured for Outside Interface

When I try to ping from host to host on in the same port g

problems to configure internal load balancer on GCP

Hi team, we are working in a lab environment, following the recommended architecture manual:

https://www.paloaltonetworks.com/apps/pan/public/downloadResource?pagePath=/content/pan/en_US/resources/guides/gcp-shared-vcp-deployment-guide

We have followed

Incomplete error

I have a Linux VM trying to send traffic over port 25 smtp and I am getting an incomplete message on the PAN-VM. I have done a few tests with port 587 and works fine, I have gone through the rules in focus detail to verify the rule should allow it bu

GRE Tunnel is not Coming UP

We've created eight GRE tunnels and it's working fine. But when going to create another Tunnel, the tunnel is not coming up. We've tried to changing the remote site router, but no luck.

VM-Series License limits - VIrtual Routers

I have seen documentation outlining the differences in the number of Rules, VPNs, sessions and zones for each VM-Series license, but i think there are also limits on the number of Virtual Routers you can create on each VM license.

Is there any documen