SIP Register Message Brute Force Attack

Can anyone suggest why this alerts keep triggering on regular basis. Internal connection - destination port is 5060. Observed multiple SYN/FIN connection.

SIP Register Request Attempt(33592)

SIP clients typically use TCP or UDP on port numbers 5060 or

PA500 upgrade to PA460

Hi Team,

I need to upgrade my PA500 to new box PA460. PANOS software matrix says there is no way you can upgrade PA500 to any version newer than 8.1 nor you can downgrade PA460 to anything older than 10.1 which makes the process a bit tricky for me.

Syslog server profile configuration for wildfire 500

Please provide steps for how to configure Syslog server ip in wildfire 500 through cli mode. Because we have hardware of waf500 and access of cli mode currently. 

Retention showing 0 days for hourly , daily and weekly summary logs

At A location  PA VM500  firewall summary logs not showing for traffic , threat and URL logs. Retention period is showing for 0 days.

We haven't made any changes in log quota. Same setting is there at B location vm500 firewall and in that firewall ret

Palo Alto interface does not ping after a certain period of time

We are running NMS.

However, the operation method does not work internally and goes out to the VPN public IP.

trust -> untrust -> isp(internet outside) -> VPN untrust

Communication is done in the same way as above. In NMS, the status of VPN untrust is m

Way to fix a half activated VM-Series?

Fresh install of a VM-Series, 9.0.11.  I didn't manually allocate RAM, so it was running with 5.6G when I activated - get the message, increase RAM then activate again.  Shutdown, increase RAM to 10GB. Boot - firewall is now in a weird state where al

S2S VPN Phase1 down

We have deployed PA-VM in Azure. We are setting up S2S VPN with Cisco Router. PA-VM is the initiator.

All the P1 and P2 param are matching but Status for both are showing red.

System logs show:

 'IKE phase-1 negotiation is failed. Couldn\'t find configu

Customer Support Portal Account

Hello Everybody.

I want to know if can i two account in two different Customer Support Portals with same company mail?

Thanks!

BGP filter route only for /32 prefix

Hi Experts,

My question is, my Cisco switches advertise host routes to FW from many VLANs/VRFs together with other network routes, we want the firewall Not to accept the any routes with subnet mask /32 but accept anything else, can you help to see if

Agentless User-ID agent permissions

We are attempting to use the agentless User-ID setup with the understanding that the service account needed to be a member of the following AD groups: Distributed COM Users, Event Log Readers, and Server Operators. However, after reading the followin

Dynamic Address Group with Azure monitoring

https://docs.paloaltonetworks.com/vm-series/9-1/vm-series-deployment/set-up-the-vm-series-firewall-on-azure/vm-monitoring-on-azure/set-up-vm-monitoring-on-azure.html

In the end article tells to create DAG but how do I add VM's automatically to this g

System log message Clearing snmpd.log due to log overflow

I am wondering why I see the log 'Clearing snmpd.log due to log overflow' on several of my firewalls. Out of the ~20 firewalls I manage 2 or 3 firewalls log this message on occasion. The other firewalls never log this message.

I am trying to understa

SNMP and Netflow

PAN 9.1.8 has SNMP V3 configured base on

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClHOCA0

with Netflow on AE5.30, ae5.50, and ae5.60 of the 5260 base on 

https://docs.paloaltonetworks.com/pan-os/10-1/pan-os-admin/monitor

Content filtering for MAC OSx

I am trying to finalize my content filtering for our PA 820 rollout. I have the user-ID, group mapping and content filtering rules (By group) working just fine for my windows PC's. Where I am stuck is trying to figure it out for all of our MAC OSx us