Dynamic ports to Static

Hi Team,

I'm trying to configure the Dynamic ports (49152-655355) to static 37001 . We have destined server which is sending dynamic ports to establish the link and data exchange.

what is best option to have this hardening.?

Error during Commit operation

Hello,

if you encounter this while performing a commit:

 try these commands in the CLI:

preferred PAN-OS software versions table

HI, dear PaloAlto team,

Why has the preferred PAN-OS software version table been changed? The previous view was much better, because it allowed to select the preferred software version and schedule changes....
Now there is only one preferred version

Google-base app, what its cpable of in escense of google apps.

Hi Team,

            Recently, I had to allow an internally developed android and IOS for users that are allowed and not allowed to access internet.

this app "externally hosted internally developed" role is consisting of destination IPs and web-brows

Request for Upgrade Advice on Palo Alto Firewall PA-1410

Dear Palo alto network Team,
I hope this message finds you well.
We are currently running a Palo Alto Firewall PA-1410 with software version 11.2.3 and are planning to upgrade to a newer version. After checking the available software versions, we have

URLfiltering Response page for Override with redirect mode does not work

I created a loopback interface that has the Response Page management option enabled. I setup up the override action for social-networks category in the URL filtering profile and setup the Device->Setup->Content-ID on override with the IP loopback add

How to get the full CA Issuer URL when it is truncated in the decryption log

Hi guys,

I am checking the decryption logs, to repair the certificate chain as mentioned in the guide below:

https://docs.paloaltonetworks.com/pan-os/10-0/pan-os-admin/decryption/troubleshoot-and-monitor-decryption/decryption-logs/repair-incomplete-ce

EVE-NG Setup & VMWare installation for Palo Alto & Multi vendor devices

VMWare installation & EVE NG Setup step by step for Multi Vendors Devices

As for every IP Network Engineer readiness of the simulator especially the multi-vendors environment, EVE-NG is a big headache. But honestly, this is very simple and only nee

Evaluation Licenses

I have Palo-Alto Firewalls and Panorama installed via KVM on eve-ng. I am utilising these systems for exam preparation.

I require the eval licenses so I can utilise Panorama correctly.

Can someone let me know how I can get the eval licenses without

Panorama HA

If I have an HA pair of panorama servers and I access each one with different URL (panorama01.domain.com and panorama02.domain.com) but I want to setup SAML Admin UI within Azure Enterprise applications, do I need to setup one for each panorama or wh

PanOS 11.1.5 (and others with the fix for CVE-2024-2550) still not preferred?

Might anyone know why 11.1.5 and 10.2.10-h10 (or anything newer) are still not marked as preferred 3 months after release?

We're on 10.2.x now and likely would upgrade to 11.1.x, but I figured waiting for the patch for CVE-2024-2550 makes sense.

Two separate PA one the same ISP on both location

Hi, 

we have two PA fws around 1km in bettwen.

They are connected with dark fiber so users on both side can see each other.
One the same ISP on both side, and public IP address range of /28 addresses. 

We are using that public IP address for several s