General Topics

MFA on the Palo Support Portal (okta)

I usd Okta Verify  login csp protal，Now that I have changed my phone,

i want to remove Okta Verify,and Then restart the installation okta verify,but failed.

how can I reactivate the okta app on my new phone,any body could tell me,thanks.

Firewall Access issue

Hi Team,

The user is having issues logging in to the firewall. Please find below a screenshot and suggest how we should troubleshoot. Under the system log, I see authentication success, but the user is not able to login.

Why doesn't Firewall PAN automatically change the MAC address of the Rever Proxy device?

Hello guys, can you help me with this problem?

We are looking for the following logical scenario, we have 2 Reverse Proxy (Imperva) devices connecting through a PAN Firewall as shown below. When checking for backup on Imperva. We tried the followin

URL list allowed on firewall

Hi Team,

I need a list of URLs that are allowed through the Palo Alto firewall.

Is there any way to get the URL's name through cli or gui that is allowed through our firewall?

Only allowed url names are require

Addig a new user to our company

We recently registered to Palo Alto Partner Portal.

I would like to add more colleagues to PAPP, but I cannot figure out where/how to do this.

Export option in Software section

Hi, 

I have a PAN-OS VM on version 11.0. I've noticed the option "Export" on the page of software update but couldn't figure it out. 

The list of SCP profiles is empty even though I have an SCP server on my host.  

I have also created SCP profile

PA 5260 httpd multiple processes running

These processes are seen to be utilising 400% of the CPU and seem to be a bug . Anyone else seen this on PAN-OS 10.1 ?

ECCN

Hi Team,

I need to know the ECCN for the below part numbers.

1. PAN-ENT-SUB-ELA
2. PA-PRORATED-CREDIT-SUBS
3. PAN-ENT-PREM-ESA

Implementing ECMP on dual ISPs with IPSEC tunnels into Azure with BGP

Hi All,

so just want some clarity on limitations or issues that i can expect to run into..

we have a PAN NGFW with 2x ISP links and want to do load balancing over these for internet traffic.

ECMP seems to be the way to go and fairly straight forw

Device certificate advisory when firewall doesn't use the mgmt interface for these connections

Hello.

so in regards to the palo advisory of upgrading and rolling out device certificates we are running into an issue which I'm not sure what the impact is.

we have a number of panorama managed firewall clusters. however these firewalls don't use t

input logs firawall

Hi, is it possible to add information imported from another event log to the logs of a Palo Alto firewall?

HA upgrade oddness (no preempt)

Hello,

just seeing if anyone has an explanation or has experienced this before.

I followed the HA firewall upgrade guide and experienced this unexpected behavior.

i suspended the primary, ( secondary went active), installed the new os, and rebooted. 

Possible NAT issue on a PA-3260

Folks, I am trying to configure a NAT policy which should be bi-directional. Here the traffic can be initiated from outside or the inside. The policy is configured and I can see NAT hits. However, this policy does not work.

The NAT IP is from a sub