TCP 179 BGP port exposed to non direct neighbour or multi-hop neighbor, no rules in place allowing such traffic - still reachable

Hi,

We just got pinged by security that our Palo's are exposing their TCP 179 to the internet while we utilize BGP as routing protocol to our next hops.

Now we haven't got any explicit rule which should allow TCP 179 on the public side, and yet a non B

URL not accessible in Chrome and same working in Firefox

User trying to access external site, That particular website is not accessible getting "This site can’t be reached".

The same URL is working on Firefox. 

Request traffic from chrome not reaching paloalto, the same from Firefox I can see the traffic log

IP does not show properly in ACC.

Log Forwarding Card (LFC) IP address in HA

I have an LFC in high-speed-forwarding mode but sometimes viewing the logs in Panorama seems to be delayed 2 minutes or more.  I couldn't find any documentation on setting it up in an HA environment.  Looking at "show logging-status" on each firewall

Facing issue with the Data Plane

Hi ,  We are facing issue with one of 7050 box , auto commit get failed and due to this dataplane kis not coming up. this is the error which are coming .

• Error: Failed to get vsys config, already allocated (2097152 bytes)
• failed to handle CONFIG_UPDAT

#PA-820 Not routing to Internet

I have an issue with a PA-820 that has me scratching my head. I'll try to keep the description short, but this one takes some background.

The History:

I had two physical sites in different parts of the country, one with a PA-820 the other with a pair

How Qos Percentage will be calculated on the firewall

Hello All,

Can someone please tell me how the QoS percentage option works on the firewall.

How does it measures the percentage we have given in the profile.

Palo Alto Temperature Readings

There are three temperature readings for Palo Alto PA-220 when I pull them using SNMP to our Cacti server -

----Thermal----
S1 Temperature @ U48 False 
S1 Temperature @ U49 False 
S1 Temperature @ Cavium Core 

I researched that Cavium Core is the main pro

No url filtering is configured, but show session can see url filtering enable

 Hello 

In pan-os 8.1.x, url filtering enable is not configured, but show session can see url filtering enable；

policy：

Other versions tested pan-os 10.1.x, url filtering fales：

Join Us for a Tech Deep Dive Miniseries!

Stop Zero-Day Threats in Zero Time with Nebula PAN-OS 10.2.

Join us live for an in-depth look at the latest advancements in cybersecurity, best practices, tips and tricks, demos and
more to protect your business and defend against threats in real

SMB/MTU Issues

We are having issues with slowness when moving files in general. Whether they are through the SMB connection or just over the network. We have found the following, but want to get people feedback on what might have worked for you. 

PAN - 157715  - 

High Availability - Passive Link State

Hi Team,

Trust all is well. IN the documents it is only mentioned that the "Auto" link-state makes the convergence faster but it is not mentioned how much faster, for example in the number of seconds. From the guide:

Set the Passive link state to "Auto

Aggregation interface on virtual wire

Hello All,

Is there supported to create virtual wire aggregate group ae1 with 3 physical interfaces and another ae2 with another 3 physical interfaces, then form virtual wire with ae1 and ae2. Point of this setup is to put PA between two switches with

Try to open case, can't select serial number for PA when prompted

Need to get a case open, am fully up to date on support - when prompted to select device serial number cannot select. Tried several different browsers. This is ridiculous.