What causes an HA Primary to go into Suspended State?

I've setup an HA Pair with Primary Priority of 10 and a secondary of 20 (both with Pre-empt enabled).

The Primary keeps going into Suspended state.. what would cause this?

question about Thermal Chamber test result and VPNC

Hello all.

would somebody tell me where I can find out Thermal Chamber test result for the PA product?

plus. we're not enlisted on the VPNC testing product list.

do we have plan to get certify on this?

http://www.vpnc.org/testing.html

thank you very much.

About server virtualization (vmware esx) question.

Hello.

When using server vitualization environment (vmware esx) can PA inspection traffic as a vm instance from internal vm servers?

I checked application named vmware at PA device but guess it is only related vmware traffic for management. right?

Pleas

SSL VPN Client Compatibility

We have a customer using SSLVPN for users and 3rd-party peers.

A 3rd party of theirs is using the SSL VPN client. It doesn't seem to work when co-existing on a PC with other clients on it (Cisco, Checkpoint and others) but does work if it's the only c

Managing policy with Panorama - what is best practice?

We are looking at deploying multiple firewall instances managed centrally by Panorama, and would like to maintain a global baseline policy across all of them.

We recognize that regional instances will have specific local policy requirements not shared

Panorama - Master device

Hi,

could anyone tell me what does really mean the voice "Master Device" in device group configuration in Panorama?

Unfortunately the only documentation about this says:

"[...] select a master

device from which the user information will be retrieved from

file blocking(file types) question.

hello all.

quick question.

in the File Blocking -> File types, probably we don't support "txt or text" extention as a supported file types..do we have any specific reason for this?

but  when it comes to Data Filtering, there is "text/html" File Types th

Captive portal not requiring password with user id

Hi,

We've implemented a PA4020 box in a v-wire configuration with another jack on the box configured as an L3 in order to have captive portal functionality. The reason is that there are multiple computers that are logged in to with generic accounts, a

Issue creating multiple DMZs with layer3 interfaces

I have an issue with getting 2 DMZs working in layer 3 mode on Palo Alto version 3.1.7.

I have set up my first DMZ and can communicate perfectly with the internal network. When I setup a second dmz (using completely different interface ports), but exa

PAN-OS 3.17 - High Availability - Not Sync Properly

I am configuring 2 PA 2020's for a customer and am having the following problems w/the HA pair once built.  Has anyone came across this issue?

***** Text below was sent to my internal technical team *****

I have HA setup, configured and the failover ac

Response page with button continue?

Hi,

Is it possible to make in response pages the button "continue"? I want to make a response page warning that this url it's not permitted, but if the user wants to continue press this button.

Thanks

About Data-filter function for Korean language.

Hello

I tested Data-filter function that can recognize English character with regex.But Korean language with regex was not recognized by Date-filter function.

I think PA cannot recognize double bytes character such as Korean, Japanese and Chinese at Da

about FAST FLUX attack for BOTNET and spreading malignant code.

Hello

Nowadays BOTNETs are using FAST FLUX technic that makes change regularly their Hyper Link, URLs and IPs interval about 2-5 minutes. Also I guess you known kind of above attack. so It could not be prevented denying IP address, URLs and others.

I w