How do I update OSS apps only?

Hello all,

I've found this kb: 

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000CltxCAC

I'm trying to install the latest apps on the OSS. I've downloaded "all apps" from csp and when I'm trying to install it, I receive t

SFP & SFP+ Transceivers not automatically detected on PAN-OS 11.1.2-h3

Hello everyone!

Before we go to the main point let me just give a explanation that happened. So we have a PA-1410 fresh from the box and tried to perform a basic power on test, the device firmware version currently seated on 11.0.3, I tried to chec

MAC-in-MAC on esxi - ha_aa_pktfwd_err_decap

I've been trying to track this issue down for a month or so now and haven't had a lot of luck with any of the permutations in my vmware environment. 

I am running two 11.0.4-h2 PA-VMs in Active/Active mode. I'm using floating gateways and all is runn

TLS 1.3 has General Protocol Error

Hi all,

Fairly new to PAN OS and have just enabled decryption on my 10.2.3-h4 VM-300 firewall.  In my decryption logs, all entries for TLS 1.3 are having a 'General Protocol Error'.  When running a v11.0.1 firewall (that I had to downgrade due to dat

Certificate Expiry

Hi All,

I am trying to import the Azure SAML certificate to use it in the Identity Provider Certificate as it is expiring this Thursday. But i am getting the attached error. Does it mean do i need to delete the existing one and then import it? I have

Global Protect "Single Sign on" with Windows Hello on Windows 10

Hi everyone,

I have a situation as described in the title of this post. As you probably know Global Protect installs his own Credential Provider in Windows which has to be chosen by the user. It is also possible to force the Global Protect Credential ...

VPN tunnel is getting dropped

we are seeing tunnel drop with below error message.

IKE phase-1 SA is deleted SA: 1.1.1.1[500]-2.2.2.2[500] cookie:191098e4ef6db35d:eba9ee89ff200b07

transition from trial to purchased license

Hi All,

We are in a scenario where we are running firewalls on trial licenses. 

We have purchased the licenses. Can you help me with following queries :
1. When firewall transition from trial -> purchased license, will firewall drop the network tr

Is there a way to disable response page for interface?

I am blocking some applications coming inbound from the internet to a certain IP. This creates a response page when I have application block response page on. How can I stop response page from being server to outside zone?

URL logs missing for Traffic through alert only URL category / profile.

Hi All,

We have a strange situation: Some URL filtering log entries for valid visits to web sites are missing. The traffic goes through a security rule which has a URL filtering profile with only alert and block categories