User-id issue.

Hi All,

Firewall is 3050 with pan-os version 9.0.9-h1 we are using user-id agent as well as agentless for user-mapping.

Sometimes we are getting machine names instead for ip-address instead of source usernames.we have user-based security policy. Why d

Trouble with NAT and VPN

Hi there,

i want to finish an easy setup which needs a simple DNAT and forwarding into a VPN tunnel on my PA5020.

I've created a working VPN tunnel which is the destination for my traffic. And this works fine if i'm using the tunnel ip to reach targets

QoS and GlobalProtect

We have a use case where many users need to upload files on premises and these are very large video files to on-premises. We want to rate limit/control the organization bandwidth consumed by these users. What are our options. 

Also we use subinterface

Second Gateway and PPPoE

Hi all

I'm in trouble whit this scenario:

- Internet connection by PPPoE protocol with 1 static IP (ie 3.3.1.205)

- additional 8 public IP like: 3.3.3.0 to 3.3.3.7 with 3.3.3.1 as gateway

- Internet connection on ethernet1/1

- internal LAN on ethernet 1/8

IP Spoofing understanding

I'm planning to implement IP drop - under Zone protection on a production system.  I'm really only interested in the ' IP Spoofing ' aspect & I'd like to understand a little more on how it works so that I can addresses any issues, should they arise.

I can't open Support Cases.

I can't open Support Cases. 

Becauase single sign on error.

I cleared the browser cache and tried with other browsers too.

Other options work fine, but only the Support Cases is not open.

What should I do?

Not opening login page to login

I'm using GlobalProtect to connect to a customer.

Earlier a "web" page opened to type in my user name, now it's not happening anymore. It's trying to use my company login which is wrong, I have a account at the customer. 

My IT helpdesk, is telling me

Testing "Security-Focused URL Categories"

Is there a way to test the "Security-Focused URL Categories" with some example of URLs that would match the category?

I went looking for them in my log after setting them to Alert and found none. 

https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-ad

GlobalProtect with Azure MFA - Double login (username+password)

Hi, we have a customer with GlobalProtect with MFA from MS Azure. The setup works fine but we are still unable to get rid of a "double login". Not the MFA with a SMS on phone but the regular username/password combo.

Usually it goes like this: 1. Login

https://etm.ru website haven't open

Hi All,

 We have tried to access one Russia URL (https://etm.ru) from our INT-trust and VPN zone while the result is ERR_HTTP2_PROTOCOL_ERROR and have tried with different browser but result is same . We could access through VPN external US gateway (

Suspicious DNS Query (generic:contador.hotelarena.top)

Boa tarde pessoal, 

estou com comportamento estranho em meu Firewall.

notamos muitas requisições do meu servidor de dns interno para o dns externo com " type spyware " 

Verifiquem o anexo.

Geo Blocking problem

Hi, I am using Palo Alto (PA) firewalls hosting Software Version: 8.1.17 in AWS and need to configure Geo-Blocking so that only GB (United Kingdom) requests are permitted and all other requests denied. 

The infrastructure setup is as follows:

FQDN =

Deduplication issue and config document regarding aggregator and output

Hi Experts,

I’m testing with Splunk but, I got a problem about deduplicate.

I’ve been input different 1000 indicators of IPv4 after deduplicate, there is 750 indicators of IPv4.

below one IP address has a different value but, after deduplicate, I c