General Topics

WMI access denied in System Logs but Device > User Identification shows connected on all DC's

Hello,

I've seen on my Palo Alto 3220 system logs dashboard applet a ton of Access Denied messages regarding our domain controllers.  However if I go over to Device > User Identification, all 4 of our DC's there are listed as connected in green.  All

Access Denied (Server Monitor)

I configured the Base name and bind name properly but we facing the following error in putty “pan_user_id_win_get_error_status(pan_user_id_win.c:1130): WMIC message from server AD-Monitor: NTSTATUS: NT_STATUS_ACCESS_DENIED - Access denied” and  “pan_

Unable to connect to dataplane interfaces

We have pair of pa3220 in active/passive with one LACP trunk interface and a WAN interface as standard L3 interface. All of sudden we are unable to connect to the VLAN interfaces on LACP trunk and WAN interface. Failed over the passive one and traffi

PANOS Upgrade from 6.1 to 9.1

Got an old firewall, 

How much is the risk to upgrade from PANOS 6.1 to 9.1 now???

Any concern?

schedule security rules

I have 2 security rules, one needs to run office hours and one needs to run non-office hours. If the tcp session remains (not closed) can the same traffic use different security rules based on time ? or because the tcp session remains and it will sti

issues using aka.ms in a firewall rule

Microsoft makes extensive use of the name aka.ms to map to thousands of IPs in its Akamai content delivery network.

I find that i have issues trying to use FQDN host object aka.ms in a firewall rule. Many times traffic doesnt hit the rule.

I suspect

session_end_reason eq 'n/a' after upgrading to 9.1.14 h1 model 5220

We are observing a high amound of session_end_reason eq 'n/a' during peak hours and results session end . any similar experiance ? 

Install a single Host Defender (twistcli)

Install defender failing 

sudo ./twistcli defender install standalone host-linux \
--address https://<CONSOLE> \
--user <USER>

Ref : https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin-compute/install/install_defender/install_hos

PAN-OS User-ID Issue and Workaround

I upgraded to PAN-OS 10.0 yesterday and encountered an unusual bug when pushing out a config to my 3220.  I opened a case, but figured I would post it here as well, but don't expect screenshots.

Symptom:

After the Panorama upgrade a commit to the 322

panorama opt/pancfg full,how to clear .

the customer find the panorama could not push new config file to firewall,
check the disk space,find the opt/pancfg space avail is 0.
so they reference aritcal kb,clear some file in the opt/pancfg.
include ：
GUI: Panorama > Software => Delete the old sof

Global Protect doesnt connect to any portal after connecting to a client certificate authentication portal

There's portal A without client certificate auth

There's portal B with client certificate auth,

when i do the following:

Successfully connect to portal A,

Successfully connect to portal B, select a certificate and all of that,

Now im no longer allo

Support portal error

Hi everyone!

I work in PA's partner company and we have customer support portal account. But recently I'v started to get error after log in on the portal. This error is shown in an attachment photo. I wrote to nextwave support but I haven't received

Global Protect Linux Custom HIP Check - Process

My client is looking to perform additional validation on systems connecting to their Global Protect gateways to ensure they are company owned systems.

They use BigFix to manage their endpoints and they know if the Linux client is running the BigFix p