Why does URL Filtering Profile with a custom URL Category assigned require the same custom URL category assigned in a security rule to work?

Hi all,

Pardon me for the lengthy title.

Here is the layout of what I am working with:



• I am currently running PAN-3020 on PAN-OS 9.0.13
• I do not have a URL filtering licence 
• I do not yet do decryption (long story).
• Security rules are any/any for testi

inter-vsys vs shared virtual router

Hi all

It seems like 1 virtual router can be shared by multiple vsys

Reading up

https://knowledgebase.paloaltonetworks.com/servlet/fileField?entityId=ka10g000000UADEAA4&field=Attachment_1__Body__s

1 VSYS can have all multiple VR’s as well as multiple V

ECMP and PBF not work

we have a PA-820 with dual ISP internet (ethernet 2, ethernet 3)  and  ECMP. all PC 10.1.0.0/16 can load balancing through 2 Internet connection.

If I use PBF so PC 10.1.3.250 only go out through ISP 2( ethernet 3), I see this PC cant connect to Inter

10.0 user-id agent ignore_user_list not working

Since upgrading to pan os 10.0.6, we've noticed the "ignore_user_list" on our server user-id agents doesn't seem to be working.  We did not have any issues prior to upgrading to 10.0.x.  Has anyone else noticed this issue?  We upgraded our user-id ag

Http traffic to https

Hi Guys 
Can we redirect someone trying to access http://www.xxx.com to https://www.xxx.com ( port 80 to 443 ) ?

If we are using Dest NAT for https://www.xxx.com ? 

Thanks 

Decrypt GlobalProtect traffic

Hi Guys!

I have a GlobalProtect (IPSec) configuration with an external gateway, all remote user traffic goes through the vpn tunnel, to which I apply decrypt policies for this traffic.
The problem is that in applications like "teams", it is not possibl

PA-220 Thermal Shutdown

Morning All,

Here in the UK, we are in the midst of a heatwave and we have had 2 PA-220's shutdown for heat issues.

I can't find anywhere at what temperature the Palo shutdown due to temps? I thought it was the MAX Chasis temp, however, we have anoth

Guide for mp-log and dp-log troubleshooting

Hi All,

Is there a comprehensive guide for knowing which logs to look at in the mp-log and dp-log eg. what log files to look when troubleshooting a particular issue on.

For example if im troubleshooting some OSPF issue, i can look at the mp-log route

Settings missing in Management Interface

I cannot see any option to change any Management Interface settings under Device > Setup > Interface.

>show system info is showing ip-assignment: dhcp. I need to change it to Static.

I have tried the commands below but no change.

> configure
# set device

Bi-Directional NAT To External IP not Configured on an Interface

Hey All,

Working on a PA-220 on 10.0.6 here. I am trying to configure a BI-DI NAT for inside Zone A host 10.0.0.4 to Zone B public IP: 5.183.105.227. This traffic is to allow a vendor to build an IPSec VPN tunnel between their VPN appliance configured