Category Archives: paloalto networks

Export configuration from firewall in maintenance mode palo alto networks

If you don’t know the password or if there is some issue with the firewall you can try to export the configuration of the firewall from firewall in maintenance mode. To enter into main mode there are two way: a> … Continue reading

Posted in paloalto networks | Leave a comment

Know hardware detail of port of palo alto networks firewall

If we want to know the details if the port is Ethernet or fiber port. We can use following commands: Command: show system state filter sys.s1.p24.phy Output: sys.s1.p24.phy: { ‘link-partner’: { }, ‘media’: SFP-Plus-Empty, ‘type’: Ethernet, } Above command will … Continue reading

Posted in paloalto networks | Tagged , , | Leave a comment

Configure Palo Alto from CLI

Some time when we are pasting configuration on CLI of PA firewall we get “Invalid syntax.” even if the syntax is correct.It generally happens when you are pasting bulk configuration. We can overcome “Invalid syntax error.” as follows: admin@PA>set cli … Continue reading

Posted in paloalto networks | Tagged , , , | Leave a comment

Path monitoring in V Wire (Virtual Wire)Palo Alto Networks

We can have path monitoring configured even if all the interface are in V-Wire mode of a Palo Alto firewall. We have to specify a unused IP address and a IP address to which firewall will keep on pinging for … Continue reading

Posted in paloalto networks | Tagged , , , , | Leave a comment

Slow http/https response through Palo alto networks firewall in IE

Sometime website loads slow on IE but same website when we load on Mozilla Firefox, Google Chrome it is fast. This happens if you are giving restricted access to users. IE need to download some updates, connect to OCSP servers … Continue reading

Posted in paloalto networks | Tagged , , , , , , , | Leave a comment

Captive portal in Transparent mode on Palo Alto Networks firewall

Captive portal is a feature on PAN firewall which can be usde for user identification. We can have user to IPĀ mapping for the machines which are not part of a domain for example mobile phone, personal laptop, Guest user machine. … Continue reading

Posted in paloalto networks | Tagged , , , , | Leave a comment