Did you know that you can help your fellow community members by accepting solutions when a reply answers your question Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature
...
After enabling path monitoring, firewall making that path as inactive even though ping is working
Hoping someone can help me out. I've been on hold for ever 2 hours now unable to get support
Support wants me to upload some core files to the TAC Upload server directly from the Palo device, but I can't seem to successfully do it from SCP on my P
...
Ran into errors with our Palo Alto PA-3250-1 after starting the upgrade process to version 10,
dataplane is not up or invalid target-dp
On phone with TAC (been on hold for hours, waiting for engineer). Has anyone ran into similar issues? Searched onl
...
Hi All,
I'm attempting to configure a 5250 to act as the gateway and DHCP server for my guest wireless. I have a Cisco 9800 WLC directly connected via fiber from Gi0/2 to Eth1/15 on the 5250 over VLAN 825. I then created VLAN 825 on the 5250 as an SV
...
Hi All,
I am looking for information on if we can use PAN-OS to do user ID based authentication for network administration control. For example, if user are working from home or remote location, getting users authenticated via PA Firewalls by integrat
...
I'm working on doing some clean up, and I want to take advantage of dynamic address groups. I have 943 address objects tagged and one dynamic group.
When I monitor the logs, I see some traffic bypassing my rule and going to rules below. I checked the
...
Hello all. New to PAN, and after reviewing the documentation on URL Filtering, I'm confused on the best practice deployment of the policy structure. Here's what I mean:
Let's say I want to break out the policies into multiple granular policies for cu
...
A couple days ago, the threatvault added threat id 56505, and since then our threat log is getting spammed with the vulnerability type Non-RFC Compliant DNS Traffic on Port 53/5353 (informational). We use dnscrypt, and every single DNS request is now
...
I have a high number of sessions, for various webservers and clients, being closed due to decrypt-error. I've attempted to follow the tips from this document, but I'm still not clear on root cause:
https://live.paloaltonetworks.com/t5/Configuration-A
...
I have a PA-500 device running on 8.1.20 currently .
From this version can we jump directly to 8.1.21-h1 Or we need to go via intermediate path ?(8.1.20 >8.1.21>8.1.21-h1)
Also not able to see any Palo Alto reference article about upgrade path , Is it
...
Hi all,
I would like to have the community opinion on two different setups and which one is the recommended by PA, i have looked for documentation about this and i cannot find a straight answer. All i could find was:
https://knowledgebase.paloalton
...
Hi there,
Using a VM-50 that has been running fine on 10.0.2 until there was a need to downgrade the VM.
After taking backups then downgrading to the 9.1 feature release, the Setup page in the UI is now blank.
I have tried upgrading/downgrading to vari
...
Installing user-id agent, says not connected. show user user-id-agent config name {name} returns "No user-id agent config is available on peer PANOS".
Any help would be appreciated.
Hi All,
I was just wondering if running the below command will have any impact on a production environment or is it merely resetting the cache status and shouldn't have issues to run in production?
>debug dataplane reset ssl-decrypt certificate-statu
...
reaper
on:
Required PAN-OS 8.1.25-h1 for PA 3060
reaper
on:
IPSec Phase 1 tunnel not connecting
reaper
on:
Tunnel Monitoring
