we have High Severity tickets for ALERT: Warning - AAA - [Free Disk Space

/opt/traps below servers’ issue

[root@usaz15ls128 ~]# df -h /opt
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/vgRoot-lvOpt 6.0G 6.0G 20K 100% /opt

[root@usaz15ls128 ~]# du -sh /opt/traps/
5.7G /opt/traps/
[root@usaz15ls128 ~]#

[root@usaz15ls132

Policy processing order

I have a question about how policies are processed; specifically NAT vs Security Policy.

We have a NAT policy that performs destination NAT to translate all traffic to port 53 to be translated to our corporate DNS servers.

We have a security poli

Where to find information about SSL decryption is (not) required to identified traffic

Hello guys,

I want to know if there is a resource where I can find if SSL decryption is required or not to identified the APP traffic. 

I have this information inside Palo Alto Networks Content Update mail but I don't find this information in app

Problem with the DuckDNS certificate for the DDNS service.

Hi,
I'm having an issue with Palo Alto and DDNS — specifically with DuckDNS. Everything had been working fine for the past two years, but for about a month now, Palo Alto is showing an SSL certificate error.
The exact error message is:

Server response:

about https://autoassistant.paloaltonetworks.com limit issue

the customer tech tech support  file reaches 1.18GB, the maximum analyzed tsf of the website cannot exceed 800M,
Someone knows how to operate in order to use the website to analyze the file

Regarding registered email id

Hi Team,

We need to know the registered email id for this Palo alto device S/N : 023201017692

EDL server certificate authentication failed. A local copy of associated external dynamic list will be used

I'm receiving this error from our firewall every 2 minutes, I can't figure out what the cause is. The reason says "self signed certificate in certificate chain" but I don't know what self signed cert it is talking about. This has been working for yea

Set zone via CLI does not work

admin@firewall(active)# set vsys vsys1 zone test network layer3 ethernet1/17.66

Server error : layer3 'ethernet1/17.66' is not a valid reference

Unable to HTTPS or SSH into new out of the box PA440

Had a new PA440 delivered to a remote location. I am able to ping the device (192.168.1.1) but am not able to HTTPS or SSH into it. Assuming that my IT person at the remote location has the device plugged into the MGT port and in the switch, which si

Error generating a new certificate

Hi, we are trying to generate a new elf-signed certificate in Panorama and we receive this error: Failed to insert certificate into configuration. Failed to find beginning of certificate. Make sure certificate starts with BEGIN CERTIFICATE tag.

This

Firewall Traffic flagged as unknown-tcp using port 31200

Hello,

Seeing some traffic for Unknown-tcp using port 31200. I'm in the process of refining our firewall rules to be more granular and for this current rule has an any app on any service applied with no restrictions. Trying to see what I can create f

cannot create technical case in portal

We registered couple of paloalto VM firewall in portal. Registration done. but when we going to create Technical case , Devices not showing.

Join Us For a Fuel Workshop on GlobalProtect Troubleshooting Techniques (APAC Region Sept 17-18)

Fuel Workshop on GlobalProtect Troubleshooting Techniques

Welcome to the next in our series of Fuel Workshops where will be covering troubleshooting techniques for GlobalProtect. Over the next two days, we will be learning a number of items relat

random-drop vs drop - zone protection

For TCP flood logs should only show "random-drop" with RED configured.

"drop" for TCP flood is this coming from options set under "TCP Drop" options under Packet Based Attack Protection.