General Topics

Result: Failed to validate server certificate for endpoint api.paloaltonetworks.com

issue1:

I am having issues with getting Panorama and firewalls connected up to datalake. I opened a case and i am told it can't connect to api.paloaltonetworks.com. I have pcap that says otherwise. There is no ssl decryption in between. Its frustratin

Ha2 is going down every 5 6 days .. .my palo version is 10.2.9.h11

I am facing this issue in my current palo alto where my palo alto firewall keep on flapping after evry 5 6 days like suddenly seconday device is getting active and after sometimes it is coming back to normal not always it is coming to normal sometime

Question regarding Signal messaging application

Currently have a PA-440 at home and trying to setup Signal messaging application.  I know the application is cert-pinned and therefore cannot be decrypted.  To get it to work, I added to the SSL Exclusion Decryption list the following hosts/domains p

Authorization code

Unable to find the Authorization code

Custom Logs / Path Monitor Alert

Hello!

I may be trying to do something impossible, but it seems like the configuration elements are all there.  We have a static default route to our ISP that is set with path monitoring so that we failover to a backup route when the gateway is unr

IKE phase- 1 SA is expired every 10 seconds?

Just curious, has anyone every seen IKE phase-1 expiring every 10 seconds, can't seem to figure it out.

Thanks

Palo Alto Networks System Engineer PSE - SASE Associate exam

Could anyone kindly guide me through the process of registering for the Palo Alto Networks System Engineer PSE - SASE Associate exam via Pearson Vue? Your assistance would be greatly appreciated.

building a lab with PA-440 or VMs

Hello everyone,

I have some knowledge about PaloAlto NGFW but now I intend to focus and get some certifications. For that I bought a PA-440 which runs 11.2.5 and I intend to buy a second one which doesn't have an active license and running 10.2.3-h

Direct vs Partner Enabled support flow chart

I found a flow chart on the PAN portal earlier this that showed the customer's path to receiving support for both Direct and Partner Enabled, but I can't find it anymore. Have you seen it?

No internet after changing ISP

PA-440, OS 10.1.14, Standalone

We just changed the ISP, the static IP in interface (WAN), updated the Virtual Router as well, NAT, PBF, Security Policy was checked, IKE Gateway.

But we couldn't browse the internet. The firewall management GUI is also

Error 1006

Hi everyone!

I got error 1006. I really need help.

Thank you!

Configure SAML for GloblaProtect and use groups to filter

Hi,

I would like to configure SAML for my GP authentication and  I would also like to be able to assign IPs by user groups and configure rules for these remote users by user groups. 

Does anyone know if this is possible? how can match users received