Firewall Logs Backup

Dear Team,

How to take logs from active standby firewalls i am going to migrate the firewall from 5050 to 5220 so i will lost old firewall logs once i added new firewalls to panorama.Kindly suggest how can we take the logs for future purpose and sugg

Global Protect gateway timeout

We are connected via Global Protect are having issues where the session gets disconnected overnight. Is there a way to override this setting only for one user ? Does below settings change will affect all users 

We are using split tunnel.

Could you pl

file download slow

Hi,

My speedtest shows 50 Mbps bandwidth remainig

.But when downloading files i am getting very low speed . To isolate the problem bypassed PA, then speed was ok .

Traffic shaping is enabled on PA.

Web browsing is  ok 

How to fix this problem 

Thanks

Auto commit failed after upgrade to 8.1.0

We upgraded the passive firewall on our Active/Passive HA firewalls from 8.0.19 to 8.1.0.
After installing the 8.1.0 image, firewall rebooted. After that, ethernet interfaces as well as HA ports didn't go UP.

We also got an error, that the auto-commit

Custom Response Page

Hi All,

Hoping someone can help. I need a custom response page for URL Filtering. I know I need to use Javascript but that is not my forte so hoping can provide the inform for me. I need to produce two distinct page responses depending on the IP addr

Nest Thermostat

Anyone running a Nest Thermostat behind a Palo Alto Networks firewall?  I am seeing an inability to connect to the nest site.  Logs show  a repating SSL on 443 with session end reason:  tcp-rst-from-client

Any thoughts would be appreciated.

Bob

HIP Profile serial number filter issue

I have upgrade my firewall from 9.0.9 h1 to 9.1.4 when i generate the report for the HIP profile or use the filter base on serial number iam facing this issue please suggest i there any bug in 9.1.4 

Even clicking on serial number in HIP Match logs to

Can someone exsplaine to me like I'm 5 what App-IDs are?

So I need to update my PanOS on my PA-3020, but because I have a mission-critical network I need to avoid downtime as much as possible.  In the walk-through for the PanOS upgrade, it says 'any change a content releases introduces that affects App-ID

EDL IP List GUI not display

Currently setting EDL
EDL IP information can be captured on CLI
But it cannot be confirmed in the GUI

Tried PANOS  version 8.1.5 and 9.0.0 

Try some edl can
Some can not be displayed

not display
https://report.cs.rutgers.edu/DROP/attackers

can
http://rules.

Incomplete sessions for NATTING/Access to different site DMZ

Hi All,

I am having a complex and tricky setup that require NATTING and host web server in different network/site DMZ, I know it is not best practice but hope you can help:

Here is topology:

Site A zones: Trust, Untrust and DMZ with their own public IP