General Topics

why the config logs is not capture?

Hi,

We have observed that “activating” a GP client version is not captured under configuration logs.

1.        Is this because no commit is required for such an action?
2.        Is this expected behaviour?
3.        How can we check on the history of such a con

PA 200 Connected to 4G Router

Hi Folks,

We currently have a primary direct internet from the ISP to the Palo Alto PA-200 configured with LSVPN .

As we plan to have a secondary Internet, we want to connect the Palo Alto PA-200 with 4G Router using LSVPN as well. 

The problem is the p

OSPF: more detailed logs?

We're still experiencing the occasional OSPF adjacency drop, although it's much improved since our changes over the summer.

However, the log entries in the System log is anything but useful:

Monitor Traffic Shows Sess Still Active over Tunnel Even After Int Failed

We're provisioning and testing a dedicate wave circuit and an Internet-IPSEC backup between two PANs. (We are also running IPSEC over the wave circuit). We noticed a phenomena of sorts and was wondering if anyone has experienced this: We purposely fa

Redirect one URL category to another domain

Hi everyone , 

is there any way to  Redirect one URL category to another domain . For example  all news to CNN.com

Panorama and User-ID Compatibility (9.0) with NGFW in 8.0

Hello,

We are being affected by a bug that disconnect the Virtual-Wire interfaces in the switches. We are in 8.0.8 version and we wanted to upgrade to latest 8.1. We discover recently if we upgrade to 8.1.0 the bug doesn't affect us and the TAC tol

Device certificate expires in 3 months

hello,
I recently installed the device certificate on the FW but the certificate is valid for only 3 months. Do I have to install it every 3 months ? Thanks! 

Panorama CLI commit process

Hi ,

Could you please confirm the cmd equivalent to "commit and push "  in panorama .

I am trying to commit the changes using Panorama cli . I tried using commit partial device group <name>  but changes are only showing in Panorama not on the firewal

my OneDrive for Business get block

HI

I try setup a policy to allow traffic for OneDrive for Business. but the traffic all just incomplete. My PAN os is 7.0.1, I allowed all onedrive, sharepoint, sharepoing online, office365, ssl and web browsing, but still cannot communicate with oned

Disable NAT from Untrusted to Trusted device

Hello!

I am trying to port forward port 25 traffic without a NAT to an email security appliance behind the firewall. The problem is when SMTP traffic is forwarded through the Palo Alto the client-IP address of all e-mail going to the email security a

daemon and processes.

Hi team,

I would like to know why Daemons and processes ids are getting suspended or not working.

I can see that which daemon stopped working by this cmd, 

and for example: routed is stopped and i have restarted the routed

Global Protect Gateway certificates when using SAML

We recently switched to using SAML (ADFS) authentication for connecting to our Global Protect Gateways.  These GP Gateways have a SSL/TLS Service Profile with a certificate signed by a CA created within the PaloAlto firewall that serves as the portal

packet loss

Hi,

when I am downloading file from internet , I can see lot of packet loss and congestion in wireshark capture analysis .

I want to make sure PA is the culprit 

How can I verify this  . 

I  have disabld QOS on PA

Thanks