ION 2000 Physical Memory low

ION 2000 Physical Memory low, how to verify the resource utilization

ION2000 controller connection failed "Analytics" not connected

ION2000 controller connection failed "Analytics" not connected

Ion# debug controller reachability controller
TPM and tcsd process is running fine
Mic cert check passed
Cic cert check passed
Mic cert verify passed
Cic cert verify passed
CIC cert connectio

syslog udp session keep alive ?

When forwarding logs, they are being sent to udp 514. The udp time out is 30 seconds, and the syslog server actually receives packets every 5 seconds. However, I wonder why the firewall keeps the session longer than 30 seconds. When the time is lon

failing back to primary FW and short loss of ISP connection

Good evening,

Tomorrow I'm cutting over a new pair of 3410's. I have 3 LAG connections (AE.1, AE.11, and AE.10). AE.11 is the physical connections to my ISP switch. There are two L3 sub interfaces (VLAN 800 & 801). VLAN 800 = ISP1 and VLAN 801 = ISP2

Policy action is allow, but session-end-reason is "policy-deny" PAN 8.1.12

Hi, All

The action of security policy is set to allow, but session-end-reason is shown as "policy-deny" in traffic monitor.

The PAN-OS version is 8.1.12 and SSL decryption is enabled.
Could someone please explain this to me?
If you need more informatio

problems after RMA of an active-passive pair

just to give a baseline - hardware are pa-5220, running 10.1.6-h6, HA (active/passive), device managed by Panorama.

Long story short - one of the firewalls got stuck on a reboot cycle where the firewall would reboot every 85 minutes. The data plane

ECMP

Dear Team,

Our question is "How can the firewall choose the route without configuring the ECMP"

Appreciate your support as mentioned in this documentation

https://docs.paloaltonetworks.com/pan-os/10-1/pan-os-networking-admin/ecmp

"Without this

Register Used PA-820

I need help. I bought a used PA-820 off eBay. Works great!

When I try to set up account on support.paloaltonetworks.com, I enter the serial number and SO.

However, each time, the registration fails. I get an error message telling me to try again la

traceroute application allows tcp port 80

Hi,

Received a call from a client said their external scanner shows their servers behind the firewall allows tcp port 80 connections and able to passive finger those servers, but there is no firewall rule permit tcp port 80 to those servers.  Digging

DNS Sinkholing - missing related traffic logs on windows machines

Since we configured dns sinkholing for some stuff like parked, malware domains, we are seeing related threat logs but no associated traffic logs pointing us to the source behind the queries. Recently we tested it on Mac machines and we do see traffic

SNMP OID Interface Throughput per Interface

SNMP Nagios OID interface Interface Throughput per Interface

Hello good afternoon, first of all thanks for your collaboration.

I have a question, can someone tell me, the exact data of the OID or to build the troughput detail, to monitor the "thr

Ansible Role for PANOS upgrade

Hi All ,

Do we have any role for PANOS upgrade in collection : 

paloaltonetworks.panos

Thanks

Public Cloud Server certificate validation failed.

I get this error message “Public Cloud Server certificate validation failed. Dest Addr: wildfire.paloaltonetworks.com, Reason: self signed certificate in certificate chain”.  Kindly help me resolve the issue.