Wildfire cloud registration attempts without license

Hi,

I am having an issue with PA-220 appliances attempting to contact wildfire cloud. They do not have Wildfire license, but are attempting to register at wildfire.paloaltonetworks.com. The issue is that the firewalls are attempting to set up this con

Help allowing .dll files for VPN users

Hi,

Like everyone, we have a lot of folks working from home. We use a CRM system called Ajeera, and in order to load up the various modules, the client system downloads an app from the server, which includes a .dll file. In the office, it works just

Authentication failed from AD

Hello,

I have integrated the AD with Paloalto , it is working fine and i can see the IP user mapping is correct, once i tested authentication profile

I got the below error:-

Once i tested the authentication by local profile it is working fine.

Can any

Administrators - AD users

Hello, Community. 

Do you know if is there a way to change the "level admin" of an AD's user? In Device > Administrators I can't see the firewall's admins. Just the "admin" account. If I try to create a new account, I can't do it. The LDAP users can

Cannot install PAN GP VNIC driver

I have tried for over a month to install Global Protect and have it work, and can't begin to count on how many installs/uninstalls of Global Protect I have done. Many people have tried to offer suggestions and it seems like the root cause is the PAN

How to block skype ?

I have tried 

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClKTCA0

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClQWCA0

but still send/receive message via skype

I don't  implement ssl decryption

diffternt TLS protocolsbetween client and server supported in pan ??

we have a legacy client which supported only TLS(1.1) & need to connect to server in cloud which works on TLS1.2 only .. So If we do a SSL Decryption in pan firewall does pan will allow tls1.1 between client and pan firewall and tls 1.2 between pan f

How to send traffic for email logs to port 587

HI Everyone,

I have configured email profile to send system logs of firewall. I have configured the smtp server and my SMTP server is listening in port 587 but the firewall is sending traffic to the destination SMTP server using port 25.

Can anyone l

Problem with Macos 10.15.5 with no HIP report

Hello,

I'm facing a strange case with a Macos device running under 10.15.5, with Global Protect 5.0.9 installed.

On the client side, there is no information displayed in the Host Profile tab.

The client logs show no particular problem, and the HIP repo

GP Issue with LDAP timeouts

Hello Folks ,

We are having an issue with LDAP auth . We have two servers in LDAP profile

10.1.1.4

10.1.1.26

The timeout settings are

Bind timeout 30 seconds

Search timeout 30 seconds

Retry 60 seconds

The GP timeout is 80 seconds

The behaviour is quite r

Unexpected behaviour in security policy

I have one server belongs from the DMZ zone.
Example:-
server ip- 2.2.2.2
source ip for VPN user - 1.1.1.1
VPN zone
DMZ zone

There is 2 scenerio:-
policy(1) - I have created a policy like:-
sourcezone- VPNzone
source ip - 1.1.1.1
destination zone - DMZ zone
des

Failed to add imported nodes into Panorama

Hey Team,

I thought I would share my experiences with adding firewalls into Panorama and receiving the error message in the subject. The scenario is a HA pair with multi-vsys compatibility enabled - and 5 virtual systems. In all cases, adding the Pri