API calls to Azure failing

Hi All,

We have a setup to turn-on and turn off VPN from Palo VM to Azure (at a specific time daily) but recently the tunnels are not coming up. Seems like the API calls are not being received at the other end. This setup was working before but stopp

Can Be Paloalto integrated with Kafka?

Hello team,

We want to know if Palo Alto can be integrated with Kafka and if it is possible, we need to know how it can be done.

Thanks so much,

Best Regards

Not able to configure user/user groups under Global Protect Gateway under Panorama, same is possible

We have configured Global Protect VPN. We are trying to configure specific user/user groups under Global Protect Gateway in AGENT config on Panorama server. Unfortunately, we are not able to see any user ids/user groups under drop down list. But we c

GlobalProtect on a Chromebook using HIP check.

Here's something interesting that I'm running into. I have a Chromebook managed by Google Admin Center. I have GP 6.0.6-8 installed on the Chromebook. I am doing a HIP check for Host-Id. The Chromebook connects and the HIP info is verified until the

Chromebook using always on, asks to install a certificate.

We are trying to connect our Chromebooks to GlobalProtect using always on. The Chrombooks are managed by The Google Admin Console. We are pushing the certificate as described by google. On connect GP askes to install a certificate. If I cancel then i

The dreaded User-ID, Dynamic TAGS, XMLAPI and Multi-vsys

Hi Community, my first post so hopefully I am in the right area.

I am running a multi-vsys setup with 5220's in Active-Active HA and using XMLAPI calls from Aruba ClearPass to send login/logout info as well as tags for use in dynamic object groups. It

Zone protection for VM series

Hi everyone,

I was looking for PA best practices for  VM series' zone protection but only found documents that talked about physical PA.

1. Are physical and VM series zone protection the same? could you point me where the docs for these are?

2. U

Wild Fire internet access physical setup

Physical Appliance require a direct internet access or dirty link ? 

PAN 3020 software is not in the list

I'm trying to download the PAN-OS 3020 software from the support portal but cant find in the list  and Panorama M-100 as well . Please anyone help why it so ? 

Logging of allowed URL attempts without allowing other traffic

Here is a simple example on what I am basically trying to do. 

We have two rules that allow access to certain domains. 

Rule 1 : Allow access to domainX.com 

Source: LAN
Destination: IP-Group

Security Profile: URL Filtering (Base-URL-Filtering-Profi

SSL decryption and AppID

Today we use "ssl" AppID in firewall rules. In case we would enable SSL decryption, is it needed to add the AppIDs of the decrypted traffic to the firewall rules, e.g. web-browsing, java, flash, or is the AppID staying "ssl" even when traffic is decr