What is still missing or needs to be improved in PA Next Generation Firewalls ?

Hi, will like to understand the oppinion from the PAN community about the features that are still missing or needs to be improved.

Will appreciate if you can specify by functionality like :

FIREWALL

Must Have : A,B,C

Nice to Have : D,E,F

Thks

Mario

Local authentication should not work if when radius is available

We're configuring authentication and we have a requirement that Local authentication should not work if when radius is available.

Team - is that supported of Palo Alto Firewalls? Let me know if that is possible or any documents would help us.

Tha

UDP Relay support on PANOS 11.1

Hello Experts,

Is UDP broadcast relay (not DHCP) supported by PANOS 11.1?

There is a requirement to relay these UDP traffic:

ip forward-protocol nd
ip forward-protocol udp 10001

Is there a limit to the number of objects within a dynamic address group?

I'm working on doing some clean up, and I want to take advantage of dynamic address groups. I have 943 address objects tagged and one dynamic group. 

When I monitor the logs, I see some traffic bypassing my rule and going to rules below. I checked the

Software version 11.1.5 gone?

Now I can not download software version 11.1.5 or 11.1.5-h1 now. what's happen?

GRE tunnel issue with packet size

Hello,

I am migrating old ASA to Palo Alto PA-440, one of the things i am trying to migrate is IPsec tunnel, that Ipsec tunnel carries only two remote hosts which are sources and destination for GRE endpoint on Cisco Switches. When i try to migrated

Install Device Certificate for LogCollector CLI

Hello everyone,

I upgraded a Pan log collector to Software version 9.1.11 . Recently I receive the event "No valid device certificate found" . So I need to generate OTP certificate and install it . This can be done easily through GUI. However, with Lo

Export Codes - HS/ECCN/CCATS

Hi, 

I'm looking to obtain the export codes for some Palo Alto Network products.  Can anyone point me in the right direction to obtain these?

Thankyou, 

11.1.5-h1 under monitoring?

I would like to ask again for PANOS version 11.1.5-h1, what is the current status? Is it still monitoring?

PAN-OS Release Frequency

Hi,

How can we know the frequency release version of PAN OS? Or just wait for new info on software release guidance

eg version 10.1.14-h8

Version

Represents

Frequency

10

Major Version

1

Minor Version

14

Maintenance

H8

hotfix (ur

VPN disconnection when using the sbs robot, which performs queries to a certain page located in the internal network of an entity.

They mentioned that based on this behavior in which they think that this is a :

1.-Threat identification.
2.- VPN disconnection when using the sbs robot, which performs queries to a certain page located in the internal network of an entity (Judicial

Cisco BGP neighbor x.x.x.x local-as yyyy feature on Palo Alto

Hi,

Does Palo Alto support Cisco BGP neighbor x.x.x.x local-as yyyy feature? or there is any way to achieve the same (Palo Alto FW has a local ASN, but it uses another local ASN just for a specific neighbor)

Thanks!