Override in URL Filtering is not working

Hi Team,

One of the domain is not working even after adding that domain in Allow list in override tab under URL Filtering.

I have blocked one URL category in that URLFiltering profile however i have added a website/Domain that needs to allow if also

Connection HTTPS / HTTP and SSH not working

I can't connect via SSH HTTP or HTTPS to my PA-500 firewall .

I can ping it from my network and that's all .

Also , the strange thing it is that from panorama the device is reachable 

I have checked the traffic -> is allow

I have checked management inter

Question about moving objects...

I have some security rules on a device group using shared addresses groups. I need to move these objects to the device group but I'm not finding an easy way so far. I can't simply move the address group, panorama doesn't allow because rules are using

Oracle database increase session time

Hi All,

Our application use Oracle database and connect application via TCP 1521 and 7777. One session have to keep 24 hour and is it any ways to increase that time?

Thanks !!

HA malfunctioned due to data plane down

Hello 

We have PA-3220 and its running 9.0.12. recently i saw that HA status is showing that "HA malfunctioned due to dataplane failed" and we cannot push any configuration on the firewall due to "dataplane failed" error message. 

Please suggest what c

SSL Decryption and Reddit Posting

Last year I implemented a rule to allow users in my company access to the reddit.com site. It is in our company policy to disallow sharing messages on social media, so I implemented this rule with URL filtering (chat/messages/etc...) and only allowin

Certificate issue

Certificate expires date showing different internally and externally for particular URL

how to monitor PA firewall interface IP address using SNMP monitoring

Below KB don't contain OID 1.3.6.1.2.1.4.20 . I am looking for this OID (provides the addresses and the link to the interfaces you've sent through)to receive firewall interfaces IP address using snmp.

https://knowledgebase.paloaltonetworks.com/KCSArt

Does Palo Alto Networks Support actually exist?

Nobody will answer their phones. Several attempts to call support only leads to hours on hold, nobody ever answers.

Migrating from a pair of 850s to a pair of 3220s!

It is my understanding that I should be able to export my config on the primary PA-850 and import it to the primary PA-3220.  I know that there are more RJ45 ethernet ports on the PA-3220, so I will update Ethernet1/9 to Ethernet1/13 and Ethernet1/10

Multiple External IPs to Multiple Firewalls

I am sure this is going to be something simple, but I am admittedly stumped (not hard to do).

I have a block of External IP addresses assigned by our ISP , say   172.10.10.10/29

The gateway is 172.10.10.10 . This contains a single physical port . Thi

Internet speedtest from PAN

Is it at all possible to determine circuit capacity directly from the PAN?

Esentially what im trying to do is run a intenret speedtest directly from a PAN.

What would be perfect is the ability to run an iperf client direclty off a PAN