Zone Protection drops traffic

We have below settings for  our untrust zone protection. We don't see a high CPS rate but we still see packets getting dropped, and has now started effecting us. Any guidance would be helpful.

PANO9.0.11/5250

Unexpect single port disconnection from PA-220

My client's PA 220 cannot reach to his gateway. However, after he has reboot his PA, the connection is back, but only for few hours long! No matter how I have add the MAC address and troubshoot the problem of the system.  I have checked both port on

XML API operational for specific zone??

How can I run XML API for a single zone.

And is there a way to do it periodically with some tool

Minemeld miner that accepts email addresses.

Hello Guys,

Am new to mine-meld and trying to add a node/miner that can collect email addresses.

I was able to find the Prototype aggregator "stdlib.aggregatorEmailAddress" but not the prototype Type=miner and indicator=email-addr.

Could someone please

LIVEcommunity account lost (or stolen?)

Hi everybody! Today I logged into my LIVEcommunity account as usual, but my profile has gone. It seems that I got a brand new account, while the original one is not accessible. This is my original profile: https://live.paloaltonetworks.com/t5/user/vi

Global Protect portal Config selection criteria combination of User group/device check/custom check?

I'm guessing others are combining these together, but is it possible to specify these together mix/match?    Specifically, We have configs without a custom check (custom checkmark box UNchecked-portal/agent/configs/config selection criteria custom ch

Adding ?v=panosurl to MineMeld EDL brought down our entire network

Just wanted to share this with the community in hopes that it may prevent one from experiencing the hardship that we did. We use MineMeld with our URL filtering rules. We appended "?v=panosurl" to the end of the  end of the URL for our General_Block_

citrix web browser application dependency

I have 2 pa 850 . devices was not able to install antivirus update due to application dependencies on web browser. our citrix servers are not set up for web browing due to security concern. is their any other solution available. our pa configuration

Can we configure captive portal for windows machine in palo alto which are in domain?

Can we configure captive portal for windows machine in Palo alto which are in domain?

Customer do not want SSO authentication on Palo alto for machine which are in domain, while going to internet.

He want captive for traffic going to internet.

He want