Join RQL query throwing Failed to execute RQL search . Illegal Argument

Hello team,

I am trying to execute the below join query in achieve the below output-

1. Only Service accounts that has have elevated roles (e.g., roles/owner, roles/editor)

2. Service accounts that have atleast one user-managed key

config from clou

Thoughts and experience with the Prisma secure browser

Hello Community,

I'm looking for general feedback on those who have or had used the secure browser for DLP. Things that work well, things that didnt, etc. 

Just looking for non sales honesty on it. The purpose of its use would be to use the DLP fea

Unable to access PANW Support Portal

Hi community,

Currently, I'm having trouble accessing support portal as I can login but it redirected me to this page:

IpSec VPN Phase1 negotiation problem

Hi All,

I have two 4G router and two ipsec vpn tunnel. Routers are exactly same.

VPN configs are exactly same (except Ips) one tunnel up and running but other one failed at Phase1

It gives me "IKE phase-1 negotiation is failed. Peer\'s ID payload 192.

UIA user normalized issue

Hi,

We have 2 cluster firewalls with the same config for UIA and Group mapping.

If i look for an IP. show user ip-user-mapping all | match IP

I cant see a different behavior.

One cluster shows user as use@domain and groups where this user belongs -

SCIM directory only shows old user data when I change the new SCIM directory domain.

We previously had an SCIM integration with an old Azure AD tenant. Recently, we migrated to a new Azure AD SCIM connection, using the same user data (i.e., usernames and attributes remain unchanged).

However, we have observed that logs are still showi

Palo alto interface DHCP

I have configured DHCP on 4 interfaces, each DHCP on a different subnet. I connected each Palo alto port to a unique switch with the understanding that all devices connected to particular PA port will get ip addresses only from the corresponding DHCP

PA440 HA failover not working

I'm having an issue with a HA failover with 2 PA440s. When I finished setting up the HA for both firewalls the first time, I was not able to sync them, it threw me a strange error and after some research, I found documentation where it stated that I

Active-Active NAT Rule Binding

I can't find anything which goes into enough detail on Active-Active design around NAT and more importantly ARP.

The easiest way to explain the current deployment is as follows:

• Site 1 / Firewall A
• Site 2 / Firewall B

Each firewall is connected to uni