CPS doesn't work

Documentation says we should measure CPS for creating baseline. I have done this for last 20 days collecting CLI output every 3 seconds and have Panorama data to back it up. Below is last 7 days data, CPS never peaked beyond 20K and on average is bel

Terraform - AWS - setting resolv.conf or the ifcfg file to point to PA?

Looking for documentation for instances terraformed into an AWS VPC to point to the VM (or hardware) palo-alto gateway address by default as set up in each instances resolv.conf or the ifcfg file.

Thanks.

GlobalProtect Portal - No certificate profile configured, but prompt for certificate

Hi Community,

I got a strange problem and want to hear, if someone got the same.

We got a Panorama managed PA-3220 PAN-OS 8.1.7 with GlobalProtect portal, external gateway (which share the same IP) and an internal gateway.

The external gateway got a cer

ha2 keep alive

Hi,

I am getting the below message  ,there is no specific interval (around  30 min) 

it  countinously happens from three days .

What is the action need to be taken 

HA Group 1: Local HA2 keep-alive up
04/15 14:57:47

HA Group 1: All HA2 keep-alives are dow

Convert VM-Series Perpetual to Flexible License (Credits)

Hi All,

I have a number of VM-Series perpetual licenses with subscriptions that are due for renewal and would like to migrate to flexible licensing so I can purchase credits to add new subscriptions.

I've found the process to do this as follows howev

Suspicious TLS Evasion Found(14978)

Dear Team,

I have configured the web service behind PA. and attached the security profile . i can see in the thread logs the thread is generating "Suspicious TLS Evasion Found(14978)".

i have gone through the below KB but didn't understand

https://kno

RDP with another account deleting the local mapping

Hi,

We use GP to connect to our company. So when i open a RDP to internal server using administrator user, my local mapping change also to administrator. We are using agentless for userid. 

What option do we have in order to keep the local mapping? i

WildFire EU connection timeouts

Some of the customers are experiencing following errors with PAN devices (updates OS 8.x) that use WildFire EU (about 5-10 per day at random times):

Event: 'wildfire-conn-failed'

Severity: 'medium'

Description: 'Failed to perform task multiple times re

IP for Cluster HA Active Pasive

Hello,

We have a 3200 series HA cluster active/passive version 9.1.10.

The requirement is to access through a single ip always to the active node.

That is, I have an IP for the active node and another for the passive node but I want to configure a singl

GOOGLE MAPS WHILE BLOCKING OTHER GOOGLE SERVICES

Does anyone have any ideas on how to permit access to Google Maps but block access to all other Google services? I have tried using a rule matching the Google-Maps application however it requires google-base which allows many other Google services. I

Single-homed interface configuration VPN?