Log System setting

I want to set up messages to be sent to email Log Settings - Config 
I want every user who connects to the admin to receive an email no matter where the WAB or CLI or IP source comes from.

@filter builder

(severity eq informational) and (description c

DHCP Interface Stuck

Hi All,

I have a situation where the Meraki sends error saying it cannot reach the internet which is connected to the PA and then to the Service provider's NTU. The NTU is providing DHCP connection to the PA's ethernet port.

No error message is seen

IP Wildcard mask for IPv6 adresses

Greetings! I am running a VM with PA-VM-KVM-11.0.0 and wanted to test the usage of "IP Wildcard Mask" addresses in Security Policy Rules.

The addresses I want to select look like

fd00:10:244:*:2000::/80

and "IP Wildcard mask" type for addresses s

QSFP Connection between 5220 and Nexus9k QSFP interface question

Has anyone connected Nexus 9k to PA 5220 via the QSFP interface?

If so will the Cisco QSFP-H40G-CU3M 40GBASE-CR4 Passive Copper Cable work? Done research but just not 100 percent if it will work.

Thanks!

Route to IPSec Tunnel

Hi All,

I need to add a route pointing to a Tunnel interface. As the peer has dynamic IP have created the IPsec tunnel with Dynamic IP Peer Identification as its Hostname.

To Add route in the VR as we do not have IP address if i just point it to th

Email Scheduler Not Working

Hi Team 

I am on panos 10.2.4 and having issues sending a test email via email scheduler via smtp.zoho.com.au

Email profile has been configured and I can receive test emails but from the actual email schedulers I get a failed to send an email messa

Global Protect MFA with Google Authenticator

Dear Team, 

Please help me understand can we configure TOTP Google Authenticator(Free) for Global Project VPN users 

we have configured Global Protect VPN with AD authentication and want to configure the above solution.

Thanks in Advance 

Regar

issue when import APP & Threat file

Hi, i have an issue when i tried to import the App & threat file into my palo alto but it shows the following error,

Getting error "Failed to update content with following message: encfilesize is xxxx. No threat content update is applied. No valid Th

How to disable RSA/SHA1 on Palo alto device for SSH access

We are using OpenSSH v8.2 cannot connect to SSH hosts with SSH Proxy enabled (SSH Decryption).

Testing showing that this is due to the Palo Alto attempting to use RSA with SHA1 which has been removed by OpenSSH in v8.2.

Is there a way we can config

High temperature DP0 CORE PALO ALTO PA5220

Hello team

Since 2 weeks ago we have detected that the temperature for Sensor DP0 Core is high than other members the Paloalto FW

It is normal?

show system environmentals

----Thermal----
Slot Description Alarm Degrees C Min C Max C
S0 Temperature

Invalid Role - RADIUS

Greetings!

Am troubleshooting PA authentication using RADIUS. The user is part of the appropriate AD group for the RADIUS configuration and the PA and RADIUS server are both setup for RADIUS auth.

On the PA side, added an administrator and set their

GlobalProtect Authentication failed Error code -1 after PAN-OS update

We are on PAN-OS 8.0.6 and have GlobalProtect and SAML w/ Okta setup. It has worked fine as far as I can recall.   

However when we went to upgrade to 8.0.19 and any later version (after trying that one first), our VPN stopped working.   

The client wo

LDAPS

 I am in the process of setting up LDAPS on an 850. I created an LDAPS server profile and pinted it to our server for credentials. Aftr creating that, I set up an Authentication profile and Authentication sequence (wasnt sure if it was needed but the

NCR saving passwords with MD5 hashing

Hi,

was wondering if someone could tell me if there's a way of changing the hashing method when passwords are saved in Palo Alto. I can see from 2010 the method is MD5 and we are also dealing with an NCR stating the same, but I can't see anywhere thi