PAN HA with different SFPs

Hi Guys quick question.. planning a pair of PA 5420's in HA - the plan was for each to have a 40gb QSFP+ module. however on our secondary core switch we are unable to source a 40gb sfp in time. So.. as a temp solution, will HA work if we have a 40GB QSFP+ module on FW1 connecting to 40GB sfp on Core1 and a 10GB SFP on the FW2 connecting to 10g...

Remove Domain Name from LDAP user mapping IMPOSIBLE =(

Hi Someone know if there is a way to remove the domain name from the group mapping The reason why is because i get from external source on palo alto the user id test1 or "test2" or "test3" Goal is create a policy rule base on the source user that is being part of a domain group In my case LDAP group mapping get this information: show u...

Threat Logs not showing specific source IP Address

Hello everyone! Just have an issue that I can't seem to figure out. In our threat logs, we are noticing that the source address shows the default gateway address rather than a specified address. We will get a specific address, however more often then not, we see the default gateway address. Any idea how we would be able to consistently see...

Modified XML API for Top Users last 30days

Hi Support, We want to get top all users for last 30 days using XML API, how we get it? This is XML API to get top 10 users (Worked😞 <type><panorama-trsum><sortby>sessions</sortby><group-by>srcuser</group-by><aggregate-by><member>src</member><member>app</member></aggregat...

what is the steps for SIEM integration in PA firewall

Security policy with sources on a CDN or domains with wildcard

Hello to all, I would like to know how smart PAN admins would solve this problem: suppose you have to allow inbound traffic from a source address that is: - defined as a FQDN but you know from DNS that it is delivered via a CDN like cloudflare, akamai, etc or - defined as a domain with a wildcard, for example *.letsencrypt.org I know that: - I...

dynamic update fail 8786-8435

Hi, Please advise if anyone face issue fail dynamic update for version 8786-8435. There are no any update for this and no error in paninstaller_content showed. I saw disk for pan config is only 33%. Anyone know what we can check more? Schedule update everyday 10PM SGT but last update is 2021/09/01. there are internet connection on firewall.

Panorama push errors None after upgrade

We recently had this issue where after upgrading firewalls to 10.1 the panorama gave a error on push to certain firewalls with description "none" which wasn't very helpful. On further process eliminating we discovered it was only VM FW's in AWS the error occurred on. Panorama wouldn't even try to push the device templates or give any meaningfu...

Handling of and Awareness of APP-ID shifts or new releases

I'm not sure how much it's been publicized, but there's a pretty significant improvement to how Palo is letting customers handle newly released APP-IDs or application shifts. Thus far when new app-ids are released customers just have to accept them without really understanding if the coming change will effect existing security policy. Well fi...

Monitoring the firewall

Hello, i would like to monitor the firewall using centreon. Unfortunately we are using the free version so we dont have access to the snmp and ssh plugins packs and we have to do everything by ourselves. To get CPU, uptime information and so on i can use snmp using OID. However to get more detailled informations i would like to run ssh comma...