10.0 user-id agent ignore_user_list not working

Since upgrading to pan os 10.0.6, we've noticed the "ignore_user_list" on our server user-id agents doesn't seem to be working.  We did not have any issues prior to upgrading to 10.0.x.  Has anyone else noticed this issue?  We upgraded our user-id ag

Http traffic to https

Hi Guys 
Can we redirect someone trying to access http://www.xxx.com to https://www.xxx.com ( port 80 to 443 ) ?

If we are using Dest NAT for https://www.xxx.com ? 

Thanks 

Decrypt GlobalProtect traffic

Hi Guys!

I have a GlobalProtect (IPSec) configuration with an external gateway, all remote user traffic goes through the vpn tunnel, to which I apply decrypt policies for this traffic.
The problem is that in applications like "teams", it is not possibl

PA-220 Thermal Shutdown

Morning All,

Here in the UK, we are in the midst of a heatwave and we have had 2 PA-220's shutdown for heat issues.

I can't find anywhere at what temperature the Palo shutdown due to temps? I thought it was the MAX Chasis temp, however, we have anoth

Guide for mp-log and dp-log troubleshooting

Hi All,

Is there a comprehensive guide for knowing which logs to look at in the mp-log and dp-log eg. what log files to look when troubleshooting a particular issue on.

For example if im troubleshooting some OSPF issue, i can look at the mp-log route

Timeout while adding ip address to block list

Hello Everyone,

trying to get this container working which is good until the part where I push IP from let's another SIEM into minemeld it gives timeout error.
I have another instance running on Linux 16.04 and this container is 20.04.

Configs were

Settings missing in Management Interface

I cannot see any option to change any Management Interface settings under Device > Setup > Interface.

>show system info is showing ip-assignment: dhcp. I need to change it to Static.

I have tried the commands below but no change.

> configure
# set device

Prototype and Miner for IPv6 Lists

Looking for some guidance on how to create a prototype to pull IPv6 addresses from a hosted CSV/txt file.

Currently I have IPv4 working:

Here's what I have for IPv6 but it isn't working. I've messed around with many different IPv6 regex with no

Bi-Directional NAT To External IP not Configured on an Interface

Hey All,

Working on a PA-220 on 10.0.6 here. I am trying to configure a BI-DI NAT for inside Zone A host 10.0.0.4 to Zone B public IP: 5.183.105.227. This traffic is to allow a vendor to build an IPSec VPN tunnel between their VPN appliance configured

Traffic block due to EDL

I have found traffic blocked due to edl inbound policy. Traffic is blocked for random time like hour or one and half hours for random port.after some time traffic is moving. Another thing is traffic is moving for one destination ip and this destinati

PA 410 reboot time

Anyone know the reboot time on a PA 410?  Looking to see if its better than the PA 220.

Thank you,

Ted