Routing issues when using NAT over VPN

I'm looking at this document. https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClipCAC
It says our selected NAT addresses (2.2.2.0/24 on PA-2020 in this case) need to be routed to a tunnel interface, in order for policy lookup

Customer Support Portal Inquiry: devices in assets under customer profile does not show the updated PANOS version.

Customer updated all devices to latest PANOS version after receiving the email for CVE-2021-3064. However, the PANOS versions for the devices are still showing the older version (8.1.6) in the customer support view. Customer can open each devices and

Session end reason threat traffic allow

Hi Everyone 

we got the problem for session end reason “threat”, cause we detected the coin miner traffic through firewall and transmission to internet, even we saw the session end reason already hit to threat when the spyware traffic initially and

Move Customer devices into our support portal

We have taken over an account.  I need to move 4 firewalls for our customer from their existing support portal into our support portal.  Can someone give me directions here to get started.

-Mark

Prevent Globalprotect from connecting when user on internal network

We want to prevent Globalprotect from connecting when user is on the internal network. We have the client set to manual connect/disconnect but users can be stupid and connect anyway.

We don't have an internal gateway, and dont want any ssl tunnel when

GlobalProtect on internal connection does not display loginID

Hello

We have a issue with global protect:

when a user logs in to globlal protect from the outside it shows the LoginID correctly, but when the user logs in internally it does not show the UserID.

Any idea why this is happening?

Thank you very much.

B

Unable to Download 30 Day PA-VM | An error occurred while processing your request

Hi Guys!

So I submitted my request to get my Palo-Alto 30 Day trial license.

I Got Approved & received an email from them with a download link. Now Once I try to download the VM I get the following error:

An error occurred while processing your reques

Unsynchronization in the log display in paloalto FW

The hours in which events appear in the Paloalto log do not correspond to reality. They appear several hours after they have occurred.
We have checked that it is not a problem with the NTP, this seems to be a problem with the time at which Paloalto sh

Panorama not show rules shadow

Hello,

I have several devices managed from Panorama. All in version 9.1.7 .

When I commit from the team it shows the rules shadow warnings but when I do the same from the panorama it is not shown.

Does anyone know the reason for this?

Is it possible to s

VM-100 maximum number of interfaces on KVM

For some reason, after activating the license on VM-100, I still only see 8 interfaces even though I have interfaces configured in the VM settings.

I thought KVM supports up to 25 interfaces.

This is running on KVM on Ubuntu LTS 20.04

vm palo question on interfaces for esxi

We have an exisiting vmware esxi environment that has 3 hosts with distributed switches configured.

Currently, each esxi host has 4 links (all trunks) going to the physical uplink switch.

We've installed a VM palo series firewall and have established