how to disable the url-cloud-connect

the customer firewall pa3220,version :10.2.1, the mgt interface could not access internet,so that firewall could not upgrade the url database.

but the system log dispaly some high log:url-cloud-connect-failure,the customer want don't see these log.

fir

VPN event messages keep receiving

Hi,

I have two IPSec tunnel configured between Azure PA firewall and cisco router.

worried about continuously getting the informational event logs ikev2-nego-child-sart,  ikev2-nego-child-fail & ikev2-recv-p2-delete

Did the setting DH group to No PFS

The backup file received through XMLAPI is different from the actual configuration.

Hello,

I'm sending a backup file to Windows Server using XMLAPI.

However, when compared to the actual exported configuration, the file size was different, so I checked and found that it was being sent to the Windows server in the format shown in

PA-5400, 3400 series DP memory check

Dear Team,

For existing firewall models, I can check the DP's memory through the 'tail follow yes dp-log dp-monitor.log' command.

However, new devices(PA-3400, PA-5400) do not have a dp-log path itself.

Is there a way to check dp memory on new

HSCI Link flapping

Hey all, I had to RMA one of my PA-3220s and rebuilt my HA just recently. After getting everything up to 9.1.11-h3 my HSCI link just doesn't stay up between the two 3220s. One side has green HSCI links, but the other side is dark.

-Replaced fiber j

DNS Sink Hole Data Base

Hello Gentlemen,

Could you please tell me where I can locate the DNS SinkHole database? I need to use it to determine whether a specific website is operating properly. Any suggestions on where I could look for that? Under DNS Sinkhole activities, a

Code On Firewall Not Mine

Hello,

I ran a config audit today and found some uncommitted code that was not mine. Is it possible that a dynamic update had some uncommitted code in the config?

Thanks

MJF

group-based policies for RADIUS authenticated users.

Dear community,

For users who authenticate via RADIUS on Active Directory, is there any possibility to fetch the groups for those RADIUS users so that group-based policies can be created in the firewall? 

Thank you!

Problem with export&push config to newly added firewall in panorama

Hello,

We are trying to add new firewall to panorama . We follow the steps from the instruction for adding HA cluster to Panorama. But when we get to the step with export&push device config we get an error:

GlobalProtect SAML Metadata

Hi Experts,

I have configured Azure SAML SSO for GlobalProtect. When I try to export Metadata from PaloAlto FW for global-protect service, there is a mandatory section to select which virtual system. But in my case, there is no virtual system to sele

Unable to connect to sysd

Hi

     I am trying to install PanOS 10.2.5 into Eve-ng. When i go to login i get the following error

I am running 8.1 no problem and have tried multiple images. I see in some websites to ignore the error but i cant even log in. Any help

would be

Panorama Minimum Requirements for AWS Deployment

Hi all,

I am new to Panorama management, and I am specing out a new deployment for a client.

1 - VM PA in AWS

1 - PA 440 for Office

We want to manage the VM and 440 PA with Panorama. Looking at the AWS deployment documentation 

https://docs.pal

Policy-Based IPsec VPN Failover

Hello everyone,

I have a case, where we have configured two site-to-site VPN connections to our partner's primary and backup datacenters. Both tunnels are policy-based IPsec VPNs with Proxy-IDs configured and both use the same local/remote inner IP a