Cortex geolocation ip error

Hi team,

Cortex is erroneously geolocating IP addresses, although the FW itself locates them correctly.

Can anyone help us how to proceed?

Regards

Global Protect Hip check doubt

Hello,

We are implementing HIP for our company, the case is that we already have several HIP objects and profiles working properly.

My question is, if we have identified a machine that does not pass the hip check as we want, is it possible that the v

User mapping - IdleTimout and MaxTimeout architecture with GlobalProtect only (no User ID agents)

We have a setup for up to 2.000 employees. Every employee has the GlobalProtect installed, but we are not using any User ID agent.

We have only one portal configured, for both internal and external (vpn) connections.

• On both gateways (internal and exte

Scheduled report Mail missing attachment

Hi team,

I have configured, Scheduled report but I am missing with the attachment for predefined report. I am receiving mail without attachment for one report. Any Idea what could be the issue ?

convert configuration from set syntax to xml

dear community,

please help with any idees how can convert a config file with "set"  syntax into xml format. 

i know that i can extract  the config direct in xml format  i need this solution to migrate some configuration that care only available

Failed to renew device certificate

Hi

the device certificate is going to expire end of march.

My PA trys to renew it and comes up with the following error:

Failed to renew device certificate.Failed to send request to CSP server.Error: No OCSP response received(dest => 35.238.43.180)

I h

Tacacs+ Cisco ISE config

Does anyone know how to configure the cisco ISE side? We can use tacacs now to access the gui but only local usernames and passwords work when trying to access the CLI using SSH. Does anyone have a complete cisco ISE setup? I found a guide to set up ...

PAN-OS 8.0 HA A/S Cluster MAC Flapping

Is anyone else experiencing MAC Flapping with an A/S Cluster running PAN-OS 8.0?

When one of the firewalls is rebooted and goes into the HA passive state the network detects a network loop because of MAC address flapping between the Active and Passiv

Firewall default trusted certificates status in CLI

Hi Team,

I want to know if there is a way to monitor the firewall default trusted certificates status in CLI?

ISP Configuration in case of TATA (Unmanaged ILL)

ISP Configuration in case of TATA (Useful for Indian Customers willing to configure an unmanaged TATA ILL)

** This is useful in case you are not provided with a MUX or a ROUTER along with the Internet Link form the ISP**

If you are a customer willing

dc firewall Management interface

Hi,

Where should I connect in terms of security and management if I need to connect to the oob management interface? I have access layer, collapsed core, and server farm switches.

Thanks

Two ISP Connection with some of my inside network going out one of the two

Greetings,

Looking for some assistance in a scenario below; keep in mind I do not have or wish to have SD-WAN 

1. ISP1 services the inside and outside connections

2. ISP2 acts as a vpn portal for extenal staff to connect to the inside and route to

Can you setup a S2S VPN behind your Outside (untrusted) interface on same firewall?

Hi
I am using a pair of PA-3250 in HA and have 17 S2S VPNs using my outside interface that has /24 public IP assigned to it. Due to ongoing issues with our current internet, we have decided to move to a different internet platform (DIA) and enhance ou

Upgrading PAN-OS active/passive question

I have 2 firewalls in active/passive mode. Am I able to upgrade one of the PAN's and leave the other in standby or passive mode for a few days while I ensure there are no issues before upgrading the second PAN? It is a jump bigger than 2 versions so