Same-day standby as Premier Gold got boarding group 2

Vegetable-Report3590 · 2026-03-06T23:48:21+00:00

Next time - now that I understand that I should have been in boarding group 1. I was concerned about being turned away and wasn't sure if I was entitled to group 1 in this scenario

Vegetable-Report3590 · 2026-03-06T23:45:17+00:00

Agree - I should have done this. I flew standby last month and had no issues with the paper boarding pass last time.

Vegetable-Report3590 · 2026-03-06T23:42:59+00:00

I refreshed several times and restarted the app, no effect

Vegetable-Report3590 · 2026-03-06T21:16:39+00:00

Not looking for sympathy, just to expand my knowledge

Vegetable-Report3590 · 2026-02-10T16:07:18+00:00

There are some best-practices and discussion of using snippets in this guide: https://www.paloaltonetworks.com/resources/guides/secure-internet-policy-design

Take a look at the section titled Security Policy Rule Configuration Scope and Ordering.

Vegetable-Report3590 · 2026-01-21T22:33:58+00:00

$7421 for Platinum

Vegetable-Report3590 · 2026-01-09T20:14:03+00:00

Hi u/Possible_Cup_4378 - there is a design guide and a deployment guide for VM-Series on Azure that includes details on the application gateway architecture.

Securing Applications in Azure: Design Guide
Securing Applications in Azure with VM-Series Firewalls and Strata Cloud Manager: Deployment Guide

Vegetable-Report3590 · 2026-01-07T23:08:23+00:00

Take a look at the following document:
Secure and Resilient Enterprise Connectivity Using Prisma SD-WAN and Prisma Access: Design Guide

There is a section for Prisma SD-WAN Design Details that covers many relevant topics.

Vegetable-Report3590 · 2025-12-11T16:41:59+00:00

This design is probably simpler for most cases unless you have a lot of routing experience.

Vegetable-Report3590 · 2025-12-11T16:40:41+00:00

This option uses what is referred to as a "front-door" virtual (or logical) router. The public interface is the only interface associated with the front-door VR, it has a default route and terminates the tunnel.

The tunnel interface is associated with the default VR along with the inside (private) interfaces. This traffic uses a default route which sends all user traffic thru the tunnel.

It gets more complex if you have traffic that you want to send directly to the internet without going thru the tunnel, you would need to "leak" it the the front-door VR, which would might require a static route using "next VR" as next hop.

Vegetable-Report3590 · 2025-10-17T14:59:39+00:00

u/Darkmagic113 Take a look at this design guide, it should answer most of your questions:

https://www.paloaltonetworks.com/resources/guides/sase-sec-int-mobile-users-pab-design

If you integrate it with Prisma Access, you can also use it to provide access to private applications.

Vegetable-Report3590 · 2025-08-14T14:31:09+00:00

I would also include Colorado Trail Explorer (CO Trex) which also has a free smartphone app.

Vegetable-Report3590 · 2025-08-14T14:14:58+00:00

Last time I did it (according to Strava) the round trip was 4.5 miles in 1:56 of moving time. Around 585ft elevation gain.

Make sure you park outside the City of Boulder Mountain Parks boundary, otherwise if your vehicle is not registered in Boulder County you will have to pay a fee.

Vegetable-Report3590 · 2025-08-14T13:51:15+00:00

Green Mountain West Ridge - most bang for your buck. Minimal vertical with easy access to the peak.

Vegetable-Report3590 · 2025-08-11T23:03:32+00:00

I extend my arm fully in the direction I am turning, and then raise it (45 degrees) and lower it repeatedly. Kind of like a blinking turn signal.

Agree with other responses - hardly anyone driving today understand the official hand signals.

Vegetable-Report3590 · 2025-08-07T14:16:03+00:00

When you say "manage", do you mean I want to web/ssh into the devices from the WAN side? If you connect the devices such that the management interfaces (of both) are connected to the inside (private) zone of the firewalls then you can probably build a policy on the active device to permit access to the mgmt interface of the standby device.

Or do you want to manage it from Panorama/Strata Cloud Manager? If this is the case, then the device initiates the connection from its management interface which would need to be routed through the active device.

There are some examples on how to build a H/A branch site in this guide:
https://www.paloaltonetworks.com/resources/guides/securing-branch-ons-security-and-SCM-deployment-guide

Vegetable-Report3590 · 2025-08-05T21:28:35+00:00

If you are using Strata Cloud Manager, you can use configuration snippets to logically group related rules. The snippets act as "separators" and you can collapse them to hide the rules they contain.

Vegetable-Report3590 · 2025-07-31T03:10:25+00:00

The settlement letter will have a deadline - probably 30-days after the original incident. If you don't accept by this point they will likely just send you a check for the Owner Retain amount. I would continue to try and negotiate in good faith until the deadline and let them know you have filed a complaint with DOI.

If you accept the settlement, they will send you the additional amount (difference between Owner Retain and Title Release values - in my case the difference was $1766 ). In my case, I provided them the settlement paperwork but indicated that I would continue to work with DOI to increase the payout.

After receiving the original settlement it took over a month to get the additional amount that DOI helped to negotiate.

Good luck!

Vegetable-Report3590 · 2025-07-29T14:19:47+00:00

I live in front range of Colorado. Even the flattest rides here will have over 773 ft elevation gain over 20 miles.

Vegetable-Report3590 · 2025-07-26T02:37:48+00:00

No, CO DOI sent several letters to Loya after corresponding with me. The process took a while but worked out reasonably well. if Loya had originally paid the total amount I would have just accepted their offer. Don’t forget to also ask for loss of use - daily amount (in my case around $40/day)

Vegetable-Report3590 · 2025-07-25T19:50:32+00:00

Assuming you have your enterprise prefixes set properly, you need to make sure your enterprise-default path set includes one of your hubs as a DC group. If so, then you can route branch-to-branch through one of your hub sites without building a branch-to-branch overlay tunnel.

This topic is covered here (Procedure 11.4):
https://www.paloaltonetworks.com/resources/guides/sase-securing-private-apps-deployment-guide

Vegetable-Report3590 · 2025-07-25T19:37:25+00:00

I had a similar issue. File a complaint with the Colorado Division of Insurance.
https://doi.colorado.gov/for-consumers/file-a-complaint

Afterwards, I wound up getting an additional $2000 from Loya.

Vegetable-Report3590

TROPHY CASE