Broken capture in SASE workshop registration

I'm not sure of the best location for this. I'm trying to register for a SASE workshop (and I'm not sure if it's online or not, but that's another conversation), and I need to complete a captcha. Unfortunately, I can't see most of it (see the attache

Bulk changing target device in policy set

I have several policy sets which have between 500-900 rules each and are being re-used for a firewall migration. Each of the sets has the old 850 palo set as the target device. To save time on migration night I am looking to change the target to "any

Commit Failed on Passive Paloalto-3250-admin-role -> AdminRole -> role -> device -> webui -> objects -> packet-broker-profile unexpected here

Hi , Please help , after installed dynamic update of antivirus on Active & Passive PaloAlto-3250, commited successfully on Active but not able to commit on passive.. after commit failed on passive try another way made appication & threat shaedule non

S2S VPNs using Self-signed Certificates

What is the procedure for configuring Site-to-Site VPNs using self-signed certificates?

For example, we need to establish a VPN between Firewall A and Firewall B.

The documentation describes how to create a self-signed Root CA certificate, but it doe

Cloud NGFW Credits issue

Hello All,

I recently purchased Cloud NGFW for azure and purchased paloalto credits as well.

my Azure NGFW shows as PAYG ( Pay us you go) instead of showing license with my credit.

is it possible to change my PAYG license to credit based.

Type: INNR in session id detail.

Hi team,

What does INNR represents in type when looking at the session ID details.

I know that this happens at child session, when parent session ID belongs to the HTTP/2 ID.

If you guys have any idea about what INNR represents, let me know.

Mgmt Traffic over VPN

Hi All,

  I am looking to deploy a few (4) PA-440's into the field. What is the best way to configure my remote firewalls to send MGMT traffic 3.3.3.3/24 (using loopback) over a vpn to central firewall to pass along to panorama MGMT (10.10.10.10/24

jQuery vulnerability on management interface of PA-3220

Hello all,

Our customer is currently using PA-3220 running PAN-OS 11.1.
During their recent vulnerability scan, the following CVEs were reported that jQuery used on the Web management interface;

CVE-2018-8046
CVE-2007-6758

Questions:
1. Do these v

spanning tree portfast for cisco to palo links

I am moving some palo interfaces to a new cisco switch. 

What is the recommended spanning tree configuration on both palo and cisco sides when connecting these devices?

PA(config-if)# spanning-tree port type ?
edge Consider the interface as edge por

wrong traffic matching rule

Hi this maybe a simple or dumb question, but I have a rule shown below that has specific sources defined. I thought the rule would only match on those host listed in the source, but when looking at the logs, I can see other source IP's are matching o