General Topics

FQDN exclusion Global Protect enforce connection

Is it possible to FQDN exclude  your local domain *.localdomain  when enforcing network Global Protect connection?   Could this be used as a workaround for not having pre-logon configured?  

How/why is there not a enforce global protect connection on

Device in Not Ready state after loading the build

Device stays in Not Ready state for long time. Auto commit also failing. Could someone help please. Is there a CLI to resolve this issue. I found one, but couldn't recall it now.

Microsoft Exchange Server 0-Day vulnerabilities - Share your thoughts

Hi all, if you haven't lived under a rock for the past week, I'm sure you've heard about the 0-day MSExchange vulnerabilities. We want to let you know that Palo Alto Networks has you covered and wanted to make sure you have all the information you ne

Is there an updated SFP compatibility Matrix?

With the new hardware rolling out, is there a new document that shows which SFPs are compatible with which FWs 

DDNS over PPPOE

I would like to know some details about  DDNS over pppoe. That feature was not available in 9.1.x series below is the document i chedked.

https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/networking/dynamic-dns-overview.html

However, when I

Jitter when making Phone calls

Hi Experts

The client is reporting Latency/Jitter when making the phone calls which is traversing through the PA firewalls 5220. We've QOS policy configured for the RTP/SIP applications (User/Zone is set to 'any') with Class 1(real-time) . Also, we've

Upgrade/Move from Panorama Legacy mode to Panorama mode

Hi,

Currently Panorama is in Legacy mode, there 5 devices connected to it, 2 in 2 data centres, one at an office. Templates are configured and synced across devices including device specific templates (like configs and other device management configs)

M500 Disk Pair Raid status changes between active and clean

If I execute the command 'show system raid detail' on my m500 log servers I see the status of the disk pair toggling between active and clean. I am wondering why it would doe this. Is this normal?

admin@LOG01> show system raid detail

Disk Pair A Avail

How are 'Bytes' counted in ACC and traffic logs?

Hi All,

One of our customers has blocked the 'Music' category in URL Filtering but when we filter the 'Music' Category in ACC, it shows total bytes for the last 7 days as 5 GB.

So what do bytes really represent? Why does it show 5 GB when the category

How to Renew Certificates for GlobalProtect Devices

Hi all,

I want to renew the expiration date of the certificates for my globalprotect devices. The firewall is the CA that issued the certificates.

My question is whether I have to export and import the certificates after renewing them by follow

Palo Alto appliance SSL-VPN throughput

Hi all,

I searched all the documents available for Palo 5220 (performance datasheet, PANOS admin guide etc) but i cannot seem to find anywhere specified the SSL-VPN throughput...only the maximum number of SSL-VPN tunnels. Is there anyway or maybe a d

Connect 2 Aruba Controllers to PA-220

We have two Aruba wireless controllers in a master / secondary configuration.  Each one has a trunk port which contains about a dozen VLANs with our guest wireless traffic.  The VLANs are arbitrarily assigned to the trunk ports by the controllers and

Is it possible to purchase support for a PA-200?

I recently purchased a PA-200 for my home lab and it's running PAN-OS 8.0.  Is it possible to purchase support so that I can update this device to the latest version of PAN which this device can run?  Thanks.