Hi Folks, Does anyone know if I can register two NGFWs with different support structures (one has Premium Support and the other one has Partner-Enabled Premium Support) in one CSP account? If it is allowed, any consideration on how to manage the support cases for these firewalls? Thank you in advance for your insights.
We want to create some standards rules that will apply to most zones - It looks like the only way to do this is to define all zones that needs these rules at a global level. Looks like maybe tagging could be used as an alternative to allow zones to be defined at a folder level, but this seems overly complex
hello , i need to extract security policies from palo alto appliance Model (PA-460) is there a way to schedule the report or grant read only access to audit function ?
Hi Team, Recently we have done Prisma SASE deployment, below is the infra details:- 1. Private Application hosted on AWS. 2. Tunnel created between Prisma & AWS via ZTNA Connector. 3. Users connect private application via Global Protect or Prisma Browser. 4. Application host in AWS via Internal load balancer. 5. DNS Server deployed in AWS ...
"Connection FailedThe network connection is unreachable or the portal is unresponsive. Check the network connection and reconnect." This pops up on my screen every minute or two, and immediately begins capturing keyboard input, and because the app is mandated by my sysadmin and not configured by me, there's also no way to force-quit it or stop i...
Hello, We currently have two PA-3410 firewalls configured in HA, running PAN-OS 10.2.9-h1. We are planning to upgrade to the preferred release PAN-OS 10.2.16-h6. However, after reviewing the security advisories, it appears that this version does not fully mitigate some vulnerabilities, including CVE-2026-0257. Would it be advisable to upgrade di...
Hello LiveCommunity Team! I created this post to share my experience regarding the User-ID Hub for multi-vsys environments involving some User-ID incomplete table for a specific vsys:I have an NGFW with multiple vsys, and in each vsys I have configured a unique Data Redistribution Appointing to dedicated User-ID Agents and Panorama/NGFWs, local ...
Hello LiveCommunity Team! I created this post to share my experience regarding an issue involving the User-ID domain mapping issue between the Prisma Access Mobile Users GlobalProtect conflict with the NGFW On-Premises. The conflict arises when an On-Premises NGFW and Prisma Access GlobalProtect use a different user identity sources and domain N...
Hello Community, We are experiencing an issue with GlobalProtect log retention on Panorama. Our Panorama manages 6 firewalls, and all firewalls are configured to forward logs to Panorama. However, on Panorama, the GlobalProtect logs for the managed firewalls are only retained for about 6 days. When we check the output of the command show sys...
Hi everyone, I am in a desperate situation. I have 1 month left to finish my PhD, and since June 1st, I have been completely locked out of my university network due to a bizarre GlobalProtect issue. I am consistently getting the "global protect authentication failed enter login credentials" error. I have tested every possible scenario, and the o...
Hi Everyone, I need some assistance integrating DNS Analytical Logs into XSIAM. I have tried collecting these logs using an XDR Collector and other available methods, but so far I have not found a supported approach. This requirement is quite urgent, and I would appreciate any guidance from anyone who has successfully integrated DNS Analytical L...
In order to accurately bill our customers, we would like to have a breakdown of credit usage per firewall. I was able to retrieve a list of all firewalls from our panorama instances and also the credit pools and how much is used in total from palo alto API. However, there doesn't seem to be an obvious way to break it down further. Is this tec...
Cortex XDR Cortex XSIAM Test, more to come.
I have a HA pair firewall without vsys license. Now, i would like to add the vsys license in this HA pair in production environment, Do the traffic affected ? how is HA status ? if so, how to minimize the impact for adding the vsys license ? from some document, the device will be in suspended status. some people said that the device have to r...
Dear all, I have a strange error after I upgraded my firewall to PAN-OS 11.1.15 to fix a GP vulnerability. (18990)06/04 17:44:57:208734 - PanKeyManager: Issuers: CN=ixxx, DC=ixxx, DC=local(18990)06/04 17:44:57:208841 - PanKeyManager: Use Cert: gp_user_new(18990)06/04 17:44:57:208883 - PanKeyManager: getPrivateKey for alias: gp_user_new(1899...
