General Topics

Paloalto cannot resolve specific FQDN through Nslookup & "fqdn refresh" is not working on CLI console

Hello all,
Our client company uses FQDN A and B that Nslookup the same IP, and the firewall has a DNS access policy applied with these FQDN.

Recently, the customer deleted the DNS of B, and if it is normal operation, it should be normal service with F

Hip profile cannot check process

Hello all,

Hope you are doing well!

Currently, we are checking the process through Hip profile setting.


However, some PCs are facing an issue where the Process Check information list is not displayed.

I checked the HIP Object settings and found that th

XML API response for predefined EDL only returns 1 value instead of the entire list

Hi there,

Has any one been able to successfully use the XML API to query the predefined EDL lists and have the ENTIRE list returned back in the response?

When I attempt to query say the panw-torexit-ip-list, the XML response only returns using this

Failed to update threatss&apps

I have a Paloalto cluster and in the active FW I get the following error when trying to download and install the dynamic updates.

Anybody can helps me?

Regards

Mobile device traffic - source users

Mobile users connect to wifi through to active directory authentication but in log-trafic- source users name not showing.

(For laptop/desktop source users showing perfectly- this authentication also through AD)

PDF Report outlook missing attachment

Hi, my firewall is set to send PDF reports daily, attachments are usually not visible when receiving emails using Outlook.

I tested sending reports to Gmail, but I can't see attachments when I use Outlook to receive emails. But you can see in the w

PNG File Chunk Length Abnormal

A strange trend we're seeing the application ms-update return a threat of:  

PNG File Chunk Length Abnormal

It's been occurring since June and the png files related to the threat are named:

sw_saber_rey.png

sw_saber_luke.png

sw_saber_vader.png

An

Is A2 (Auto Assistant) dead?

Hi,

Today, I could not access A2 (Auto Assistant).

When I access https://autoassistant.paloaltonetworks.com/#/dashboard/my-view-case,

returned 504 Gateway Time-out.

Why?

A2 is very helpful for my customer support business.

Thank you.

Are there performance issues due to object groups?

Hello all,

As shown in the attached photo below, the limit on the number of members in the address group of PA-3220 is 2500.

1. We are going to apply about 2000 Object Members per address Group to the PA-3220, is there any performance issue? If there w

Questions about session limits on PAN

On firewall datasheets we have two max session  values :

Max sessions (IPv4 or IPv6) = A
Max concurrent decryption sessions = B

Question in here : are these two separate buckets ? lets imagine decryption sessions reach out to Value B , does it mean t

BGP Peer & Route Advertising

Hi All, 

I have followed a few guides but cannot manage to get a /30 RIPE subnet advertised to our ISP. I have followed the following guide for route distribution, however, i cannot see them in the Local RIB and RIB out tables. https://knowledgebas

Easy way to copy a policy from one firewall to another?

Good afternoon!

I have a set of Palo Alto PA-820s and 850s that I'd like to converge their configurations. For instance, have the same whitelist or blacklist policy outlines that I can add or remove websites, countries, and so forth. 

I see I can s

SSO Kerberos setup for Admin

I have been able to set up Kerberos for explict userid/password entry at the logon screen. Now I am trying to setup SSO.

I at least get to the Click the button to login as user@domain.local. Yet when I proceed, I get Not Authroized.

System log shows