Whys is Passive peer still passing traffic?

When I go to Monitor > Session Browser I still see active connections on the pasive peer.  I verified it is truly the passive firewall and the other is active and that its supposed to be in Active/Passive mode in the HA configuration.   Running the s

5200 upgrade from 8.1.5 to 9.0.6 and HA2 won't come up

Perform an upgrade from 8.1.5 directly to 9.0.6 yesterday on A/P pair of 5250.  The HA2 link won't come up on 9.0.6

This is from TAC,

Check the pan_dha.log in dp0-log and dp1-log for this error,

I was able to see the following errors that explain as 

Floating mangement IP for firewall

Hi All,

Can we setup floating management IP so that I can always login to active device ?

We do have option by setting management profile for interface, but looking for an option if we can set it up via management interface .

Thanks 

Using API to dynamically register and tag -- can IP address be a subnet or only individual address?

In one of our firewalls we have zone A which has network x.x.x.x/24, and zone B which has network y.y.y.y/24. There is a rule allowing traffic between them. Some high-ranking people at my company need to be able to block this traffic automatically at

PA-VM interzone routing

Hello,

I've configured up two interfaces on my PA-VM (management 10.0.64.3 with VMnet0 - 10.0.64.0/24 and data with VMnet1 - 10.0.0.0/16). Management is directly connected to PC with Windows and Ethernet 1/1 to FastEthernet0/0 on my switch. I've confi

How to get Evaluation License

Hi,

I have Palo Alto Customer support account, i need evaluation license for setting up lab for testing purpose before implement in production

How i can get this ?

Virtual Wire - Two Subinterface with seperate Tag Paired

Minemeld unable to login to web gui

I have seen a few related articles on here about this already, but I haven't been able to resolve my issue. I am receiving the following error when trying to login to the web gui: "ERROR CHECKING CREDENTIALS: Bad Gateway"

I found that the minemeld.

All site to site tunnels drop

We had an incident where we have site to site VPNs coming into the Palo.  The connection dropped and they would not come backup, even after dropping the VPN on both devices.  The end result was a reboot of the firewall and it came back up.  What I sa