PAN OS 10.2.2 2-FA OTP issue

Dear community

After upgrading my Palo Alto 820 to PAN-OS 10.2.2 I've faced with 2-FA OTP issue. The device requests for the OTP but responds after 3 minutes with Timeout. There was no issue on the network and the OTP server side. OTP server sends

i have the palo alto vm 10.0.3 version , need help

Using this image for labbing on EVE-NG pro and i cannot create a working active standby cluster as both instances of the node that i created have the same serial number, is it possible to change the serial number of the node upon creation? what is th

Global protect client for windows 11

Are the Global protect agent is compatible with windows 11?

Config changes retention in Palo Alto For non root user with read only admin access

Config changes retention in Palo Alto For non root user with read only admin access

Hello All,

I have recently come across the issue of read only admin access config change 10-15 days back but same not reflecting in the commit when I checked. So,

GlobalProtect Cloud Services Route Precedence

We have had overlapping subnet scenarios where someone is connecting using GlobalProtect Cloud Services from a subnet that overlaps our internal subnet and, as they have a more specific route, access to internal resources is failing as the taffic is

Utilizing ZTP with On-Site Spare PA440

Can I add On-Site Spare PA-440 firewalls with ZTP?

Thanks

TCP session timeout behaviour

Hello,

I have a question about the mechanism of TCP session timeout on PA FW. Assuming that default TCP timeout on PA device is 3600 seconds. What happen after a TCP session is idle after 3600 seconds ? Does the FW send TCP RST at each endpoints ? Or

Intergate TWSITCLI with PRISMA CONSOLE

We are looking for documentation/Actual Steps ,  How can we integrate TwistCLi which is being deployed over a VM Linux machine and currently being used to scan Tar container image files with Prisma console

How do I remove KEX diffie-hellman-group1-sha1 from SSH on PAN-OS 8.1?

Our vulnerability scanner has detected a weak KEX algorithm (diffie-hellman-group1-sha1) on our firewall.  Is there a persistent way to disable the weak KEX algorithm?

I found this article (below), but it says every time the firewall reboots the weak

Global Protect error Windows 7 Client

Good afternoon, first of all thank you very much for the help and support for this case:

"The virtual adapter was not set up correctly due to a delay. GlobalProtect will try again soon. If the issue persists, please restart your system"

-Windows vers