Packet Buffer Protection Configuration

Is there something misconfigured with my packet buffer protection or is BPA and AI-Ops just flagging it incorrectly? Configure Packet Buffer Protection (paloaltonetworks.com)

RedHat IPA authentication on Palo Alto

Hi, When using RedHat or CentOS IPA authentication on Palo Alto firewall, we may ran into challenges when adding LDAP Server Profile and GP Clients functionality related issues.LDAP Server Profile - On a traditional RedHat or CentOS IPA server there will be multiple ou under the Base DN, In order to work properly along with Palo Alto Server prof...

Palo Alto Firewall - Exporting Log Database via FTP/SCP is not working

Hello All, We are currently doing a POC with Palo Alto firewall in a customer network. The POC got successfully completed. But while exporting the log database from the appliance we are hitting we issues. After checking the admin guides, found the logs can be exported via FTP on the "Scheduled log export". Via GUI:Provided the FTP path, credenti...

Update of Default Trusted Certificate Authorities?

I am just curious - in which way is the list of trusted certificate authorities (WebUI: Device > Certificate Management > Certificates Default Trusted Certificate Authorites) updated? By firmware update or by dynamic update? Regards,Sylvia

PSE software firewall associate

Dear all, I need your help to find my exam question, I am really confussed some question about PSE software firewall associate. Please help me to find right answer. 1. What is the preferred way to analyze traffic logs generated from multiple data center firewalls? a)Use Palo Alto Networks Prisma Access console to view all firewall logs. b)Log ...

Api to disable specific policy

advertise inter-vr route to BGP

Hi, I have RBVPN with BGP and I need to advertise routes that have a next-hop to another VR. They do not seem to be advertised to BGP (currently I advertise only connected routes, not static). Is there a simple way to add these routes from another VR to BGP?

Recover Deleted Customer Support Portal account

Anyone have any idea how to create a user account with an email that was already used prior? I created an account but messed up and deleted it. Unfortunately I did not mess up the email so now when I try to create the account again, it says the email already has an account and cannot be used and cannot log in. I cannot change the email address...

Group of Regions / Region Groups

Is there a specific reason that this feature is not yet available? It's a bit of a pain from a readability perspective to have a massive list of Regions tied to multiple policies, to say nothing of having to update multiple policies which may reference the same set of regions. It just seems as though "region" should just be another thing you can...

PA firewall dropping fragmented packets

Hello, We've seen Netflow Traffic being dropped by the Palo Alto firewall based on the packet captures taken. No zone protection profile is set. DF bit is set to zero. MTU settings are fine and fragmented packets are less than 1500. However, FW is not reassembling the packets. Global counter shows: IP Fragments entry insert failure. IP Fragemen...

About Captive Portal

Hello, I followed the link below to configure Captive Portal https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000CqbiCAC When I finished, I found that I was able to successfully browse the Yahoo! However, when I wanted to browse google I found that I couldn't do it How do I set this up to solve this problem ? Any help...

Panorama drops devices from device groups

Panorama shows that all devices have "No device group assigned" in the Managed Devices, Summary screen, but the devices look fine in the Device groups screen.This is also resulting in being unable to commit changes to the firewalls. This issue happened earlier on today, and went away with a reboot of Panorama, but appears to have come back. What...

Number of applications in a application-group

Hi,Do we have any limit on the number of applications that can be added to an application group?If yes, is this limit PA-FW model specific?Regards,Charanjeet