Split Minemeld Feed

Is there a way to split a large output feed into smaller feeds.

Multicast, who accessed??

I have tested multicast to be working and is configured as in this diagram. In the logs I see traffic from SERVER zone to Multicast zone. But there is no log on INTERNAL client that accessed the multicast stream.

Cisco CAPWAP AP stuck in Discovery

Hi All,

Has anyone had problems with CAPWAP AP's separated from the WLC by a PA-220 firewall get stuck in a DISCOVERY OperationState?

>show capwap client rcb
AdminState : ADMIN_ENABLED
OperationState : DISCOVERY
Name : ***
SwVer : 8.5.151.0
HwVer : 1.0.0.

NPTv6 seems bugged (PAN-OS 9.1.9)

Hi,

we're running into an issue with IPv6 NPTv6 which we use to route traffic through IPS on PA.

The address isn't translated as expected.

We tried NPTv6 in 2 configurations, both translate the same. We either used:

xxxx:xxxx:xxxx:ffe0::/60 -> xxxx:xxxx:

Knowledge sharing: Palo Alto checking for drops (rejects ,discards), slowness (latency) and counters using captures, global counters, flow basic etc.

Hello To All,

I will create a short summary about how to do basic checks if the palo alto drops or slows down the traffic.

1. First the pcap capture on the drop stage will show if the firewall drops the traffic and after that we check why the firew

HIP check report interval

1. What is the interval for HIP reports that the GP client sends to the gateway? 

2. Is it configurable?

3. What triggers HIP report sending?

User-ID not populating after Microsoft patching - Warning

Hello All,

Just wanted to post this in case anyone else ran into it. Microsoft release patches as they normally do, however there is one that might break user-id, June 8, 2021—KB5003671 (Monthly Rollup). There is a warning in the notes: 

After inst

Using Authentication Policy and GlobalProtect with AAD SAML to prompt MFA authentication for Admin access to resources

We have new requirements to require MFA for administrative access to just about everything and have to put into place in very short order.

“In addition to remote access, multi-factor authentication is required for the following, including such access

Split Tunnel Routing Config Help

Looking for some help on split tunneling.

We are on PAN os 9.1.9 GP client 5.26, for our LAN we also use Cisco Umbrella to block sites.

What I want to do is when GlobalProtect connects I want all LAN traffic going through the VPN traffic, and all Inter

PA-5050-Data plane showing high

Dear Team,

Our Core firewall Data plane  CPU reaching to 99% , When we checking the traffic logs some MS-SQL application getting high usage, and system logs are showing "dataplane under severe load palo alto".

Pan os : 8.1.15-h3 ,Device : PA 5050.

Ki

Palo Alto Globalptotect intermitant PanGPS error 'network type is unknown network' that causes the HIP report to not be send every hour

Has someone seen an issue where the PanGPS log is saying "network type is unknown network" before failing to send the HIP report every hour?

For info we don't use or have enabled Internal Host Detection as there no internal gateways and I see that t

Knowledge sharing: restarting palo alto processes , reboot , shutdown, factory default reset

In palo alto like any some things are fixed with an restart.

1. If the managment plane in the masterd log (for more about the Palo Alto logs and their meaning you can check https://live.paloaltonetworks.com/t5/general-topics/knowledge-sharing-palo-al