decrypt-unsupport-param error with no decryption

We are receiving a decrypt-unsupport-param to a specific destination with no ssl inspection applied. I created a no decrypt rule and didnt apply a decryption profile so we weren't checking for expired or untrusted certs either. There is also nothing

Site-To-Site VPN Question

If we deploy a Site-To-Site VPN to one of our remote locations with a Palo Alto NGFW will our main hub firewall control the Threat/URL, etc... and Security/NAT rules for the other Palo Alto? 

Doubt about migrate FW to Panorama

Hello team,

I have a cluster of FW and Panorama both in version 10.2
Tomorrow I will migrate a FW cluster to be managed from Panorama following the following KB
https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClZSCA0
Reviewing

Is there any way to apply multiple interface management profiles

should we get power supply along with RMA

Hi Team,

we got RMA box today and need to know, did you send power supply along with chasis ?

if not, can you please arrange.

the case ID # 03117886.

Thanks 

GP issue with IOS device

PA460 issues

Hi,

We have two FW PA460 in HA, one active and another one passive. We have several issues related to configuration synchronization and HA:

1- Synchronization before a commit can take us up to 8 minutes. With the old FW the commit was in less than

How to export disabled rules in Panorama

Hi All,

I'm new here and was wondering if I could get some help on this. I am looking to export some rules including disabled rules in Panorama but what happens is only the live rules get exported though I did include the disabled rules. Can I plea

Single sign-on-error

I am not able to create any case on support portal and getting the following error:

"We can't log you in because of an issue with single sign-on. Contact your Salesforce admin for help."

Kindly help

Failed to send CHAP authentication request:

admin@PA-(active)> test authentication authentication-profile ISE-TACACS username XXXX password
Enter password :

Target vsys is not specified, user "XXXX" is assumed to be configured with a shared auth profile.

Do allow list check before sending out a

OCSP Service Temporarily Unavailable

Hi team,

I have configure an OCSP responder on my Panaroma, I do all the step of the documentation https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/certificate-management/certificate-revocation/online-certificate-status-protocol-ocsp.

Bu

Threat logs from DNS Proxy zone not showing source IP

We use DNS Proxy on 3 of our zones with the firewall IP as the address that the traffic is proxied to. In other words, the firewall proxies the network traffic with it's own IP address.

However, in the threat logs, we have some threats that do not