What does it mean message which is "Packets dropped: invalid packet header content"?

Hello,

We are doing take-over test on A-A.

We are seeing packet-loss with the following global counter on Active-Secondary after take-over.

flow_fpga_rcv_tag_err                  32406      350 drop      flow      offload   Packets dropped: invalid pack

VPN Tunnel between static Palo Alto and dynamic Fortigate

What is the exact settings in order to establish a VPN tunnel between a Palo Alto firewall that has static WAN IP address and a Fortigate that has Dynamic WAN IP address?

If both has static IP address, the tunnel works.

If Fortigate has dynamic WAN add

Globalprotect with 2 factor auth, client certificate problem (SSL handshake)

Hello,

having problems with GP client certificate authenticating on Android and iOS (Windows is working OK). We are using company PKI certificates, Root and Issuing CA certs have been imported to Android/iOS, as well as a device-specific client certif

Not understanding "WildFire: Automatically Detect and Prevent Unknown Threats"

First of all I'm very impressed with Palo Alto's firewall, I'm definitely a "fan", however we purchased a wildfire subscription under this premise:

WildFire^TM simplifies an organization’s response to the most dangerous threats, automatically detecting

GP Gateway login page

Is it possible to disable this login page to download the pan gp client?

HIPmatch IP?

Palo currently emails me the hipmatch alert and includes the internal IP that globalprotect assigned it. How do I get the public IP that the user came from in the hipmatch alert email?

I know I can manually find it via the interface (which shows both

Compatibility GPClient-PA firmware

Hi,

We have PA-2020 with PanOS 5.0.11, and GlobalProtect Client 1.2.9.

which the newest GPclient version that i could have with PanOS 5.0.11??? Its worth it to update the GPClient to any newest version????

regards..

Traps and Antivirus

Hi All,

Looking at the Traps solution and wanted to know if the solution allows for a replacement of Antivirus or does it supplement one? I don't really want tot have to support multiple services and agents on all the devices so i was hoping for the f

we are not getting URL in syslogs, is there any way to URL in syslogs?

<190>Mar 31 08:52:56 XXXX-firewall-name 1,2015/03/31 08:52:55,001606005137,TRAFFIC,end,1,2015/03/31 08:52:55,source_ip,,destination_ip,trust-untrust-web-services,,,paloalto-wildfire-cloud,vsys1,trust,untrust,ethernet1/1,ethernet1/3,Log_Forward,2015/0...

Category explanations

I'm working to identify a few categories and what they mean. I looked in the online help and all it did was list the categories. Is there a document that gives more information about what content filtering categories are for?

Specifically i'm trying

ACI integration

is there currently or are there plans for ACI integration?

240GB Raid SSD Upgrade

Hey guys, we are upgrading our PA-5050s drives from a single 120GB SSD to two 240GB SSDs and I was wondering how long this will take? I assume it will be pretty quick since we are installing two identical fresh 240GB drives but I wasn't sure how long