GRPC status UNAVAILABLE in intelligent offload

Hi All,

Has anyone else come across an issue where a process called 'pan_grpcd' is using upwards of 85% of the CPU on a PA-VM.

The VM is running version 11.0.2 and i can see an error in the system logs - 'GRPC status UNAVAILABLE in intelligent of

Macbook Can't use Zoom application when connect GlobalProtect

Hi Team,

My customer reported he can't use Zoom application on his Macbook when connect GlobalProtect.

Is this an issue from GlobalProtect or Macbook and is there a way to solve this

Thank you.

Need to create firewall policy that allows only Microsoft teams and rest all need to block

Hi Friends,

I would like to create Palo Alto configuration for specific range of IP address, not based on users.

My requirement is as follow.

1. Only Microsoft teams traffic (incoming and outgoing includes calls) should be allowed.

2. Want to block all

Asynchronous Security Zones?

Is there an issue with asynchronous routing if the traffic passes through different security zones? We have our PAs setup with subinterfaces for our respective VLANs. So we have:

Eth1/3.10

Eth1/3.20

Eth1/3.30

Eth1/3.40

These subinterfaces connect to

Threat ID 30852 and 35107 - HTTP /etc/passwd Access Attempt

Is this a duplicate or does anybody know what the difference between those two Threat ID's is ?

Cheers Roland

[CAPTIVE PORTAL] Kerberos Browser-Challenge + Authentication Sequence

Hello,

I have an issue with the USER-ID. The Firewall is running 10.2.6 actually. 

We have different users : most of the people are in the AD and others are not.

Default authentication rule : Kerberos browser challenge. What i understood is : If kerb

high latency after HA failover

Hello team,

I have an HA active/passive with a couple of PA-3250. After failover from active to passive there are a high latency for all the connections and some Http/https sessions cannot be established. I see in the traffic logs many aged out sessi

Multiple SAN on SCEP profile

Hi,

Is there a way to define multiple SAN names in SCEP profile?
We are trying to use SCEP for management access certificates for PAs in HA but with one certificate for both with both hostnames in SAN fields.
I don't see a way to enter more than one, I

No Logs for matched rule

Hello everyone,

We are facing a strange problem with one of our PA-220.

I created a rule to allow all traffic between 2 different zones with our default log settings. The problem is that I only see a hand full hits and nothing in the traffic log.

Y

Website Access Issue from one of branch office

Hello All,

We have PA-850 implemented across the sites (4 sites), there is a URL www.crunchydata.com is not accessible from one of Branch Office in US, while there is no issue accessing same URL from other branches. However

- i have checked and confi

ECMP Single Interface

I have an HA pair of firewalls in my data center. I have a single ISP that provides two routers for internet access. I use HSRP on those routers, which obviously share the same subnet on the inside interface that connects to the outside interface of

10.2.3 Software Update Install Error

The firmware is not being updated.