latency Troubleshooting

We have a load increase following the unblocking of an application's url. How can I troubleshoot for finding what's causing this?

HA Pair - peer version too old

I have two hardware gateways in a HA pair running 9.1.19.  Ive upgraded one to 10.0 and then to 10.1.14.  It now complains that the HA 'peer version is too old' and it has suspended HA.  If i suspend HA on the remaining 9.1 gateway, HA doesnt activat

Build in tool to test throughput

Hello experts,

Im wondering if Palo Alto firewalls have a build in tool to test throughput on specific interface. We are trying to use iperf on an endpoint and test channel utilization from the firewall or if possible, firewall acting as iperf serv

Vulnerabilities

The vulnerabilities which it will show in vulnerability assessment are live or any particular time the data get updated?

Upgrade path from 10.1.13-H1 to 10.2.11-H3

I was trying to upgrade to 10.2.11-H3 and when I upgraded to 10.2.0 and then I couldn't upgrade.

PAN-GPLimiter: Limit Concurrent GlobalProtect Sessions/Connections Per Unique User

PAN-GPLimiter: Limit Concurrent GlobalProtect Sessions/Connections Per Unique User

Hi All,

I would like to introduce my Go program for limiting concurrent remote user logins in a single GP Gateway on a PAN-OS Firewall.
(Keywords: Limit the maximum

License for feature lcaas will expire on 2024/10/30

From the system log, i find a log severity is Critical.

The message is 

"License for feature lcaas will expire on 2024/10/30"

what is lcaas ?

how can i deal with this message ?

Migrate the active directory services from onpremise to EntraID (Azure),

Hello team

We want to migrate active directory services from onpremise to EntraID (Azure), how can we integrate the UserAgent in Palo Alto?

Greetings

OPT/PANLOGS Partition Getting High and Increasing Usage Every Day

Hi all,

i have PA 7080 that recently upgrade the firewall 10.1.10-h1 to 10.2.9-h1. Since then the percentage disk usage is increase every day for /OPT/PANLOGS.

is there unknown bug for this kind of thing?  how to troubleshoot in TSF for this kind

Can't add tunnel interface created by restapi, to Security Zone using restapi.

Using restapi to create IPSec tunnels for a new firewall attached to Panorama. 

I create the tunnel interface using restapi. I can see the new interface successfully created in Panorama. 

When I try to assign that interface to a Security Zone it fail

URL filtering custom block-continue page best practices

Good morning all,

Can anyone point me to any documentation about best practices for the URL Filtering block-continue page's response page variables in javascript code. While the following tech doc is useful:

https://docs.paloaltonetworks.com/advanc

Clarification Needed on Multiple Static NAT Rules with the Same Public IP Address

Hi Community,

I’m working with a customer who had previously configured a dynamic IP source NAT rule with only one address in the pool. This setup worked as expected for just one PBX since after the first session, the public IP would be in use, limit

questions while creating first IPsec tunnel

We have our egress on Eth1/1 with a public IP assigned by our provider.
We also own a separate public subnet.
We have the internet working and want to add an IPsec tunnel from our PAN to a partner also running PAN.
I'm told to continue using the Eth1