Minimize log size

Hi All,

if there's a way how to reduce or minimize the log size sent to the syslog server?

if any KB / document / best practice how to reduce logs to sent to syslog server

Thank you

deactivate bundle license from PA1410

Hi, I have a problem to deactivate bundle license, because it is... bundle license.

Cannot deactivate license key Advanced_Threat_Prevention_2023_11_13.key which is part of bundle without parent_id attribute.

What is parent_id attribute and how to fi

Problem with (URL Category custom), (Destination Address any) and (application any)

We have identified for some time that when rules are created with 'Application: Any' + 'Destination Address: Any' + 'UrlCategory: Custom' for example:

Name: Rule_google.com_permit
Source Zone: Trust
Source Address: Any
Source User: Any
Destination Zone:

issues with ssh access from macos/ linux

Hi folks I am having issues with access via ssh from macos/ linux pcs

pc ~ % ssh admin@10.10.10.1                                                                                                                                         

Unable to neg

Sofware Upgrade broken? "An active license is required for this feature"

I have a bunch of PA440s and some of them cannot be upgraded as I keep getting an "An active license is required for this feature" message when clicking on Check Now under Device > Software. Device is correctly licensed and activated on the support p

Migrating Panorama license from VM to another

Hi,

I need to take the uuid and cpuid from Panorama, but when i run "show system info" its not appears these paramethers. How can i get these uuid and cpuid to transfer the license?????? My PanOs version is 5.1.0

hostname: Panorama
ip-address: 1

Настройка bridge

Здравствуйте как настроить Palo Alto pa 440 как bridge без айпи адресов можете помочь 

Remote VPN gateway - IKE intitiator drop on Palo FW

Hi all,

so a weird issue.. 

i have a pa1410 with multiple VPNs all working happy days.

I have one client with a linux software based FW (cant recall fw vendor)

we are using same ike/ipsec settings both ends all is good..

if i initiate vpn (test vpn i

regarding upgrade certificate on 18 NOV

Hello,

I want to ask regarding this topic 

https://live.paloaltonetworks.com/t5/customer-advisories/update-to-additional-pan-os-certificate-expirations-and-new/ta-p/572158

Do I have to upgrade the version of PaloAlto ? 

The version I have is 10.2.4-h3 ?

🚀 Join us at Palo Alto Networks Headquarters for Ignite - November 14, 2024 🚀

Enterprises are embracing AI to revolutionize their operations, but with innovation comes new cybersecurity challenges. That’s why you can’t miss Ignite on Tour!

This event is your gateway to exploring how AI is transforming cyber defenses. Join us

How EDL Tor Exit IP Addresses is updated?

Hello,

I have noticed the EDL Tor Exit IP Addresses includes only over 1200 entries and the total list of exit nodes is over 12000:

https://www.dan.me.uk/tornodes

I was wondering based on what criterion Palo Alto is updating the EDL. Does anyone

ESP_TFC_PADDING_NOT_SUPPORTED

Working with PA 5250 and ASA on the other end.  The tunnel between is up and communication flows across however we are seeing constant system errors being logged.

When we enable the tunnel we get the following.

IKEv2 child SA negotiation is succeeded

Issues with decryption on versions higher than 10.2.8-x, TAC no help

Brief summary, we have a pair of 3420's that where on 10.2.8-h3 for several months with no issues, suddenly one day we had issues with what seems to be OOM but was never fully confirmed by TAC, but recommended to upgrade to 10.2.10-hx(we choose 7 as

Export Codes - HS/ECCN/CCATS

Hi, 

I'm looking to obtain the export codes for some Palo Alto Network products.  Can anyone point me in the right direction to obtain these?

Thankyou,