Resolved! GlobalProtect gateway client configuration failed

Hello,

We are using PAN-OS 8.0.0 and GP agent version 4.0.2 

We cannot set any IP address for the Gateway. If we try then it auto changes to 'None'.

The output from the show global-protect-gateway gateway command shows there are two gateways.

But accord

Resolved! User Group Count Exceeds threshold

Recently upgraded to 8.0.9 from 7.1.x with mutiple devices from PA200 up to PA3050, Using UserIdAgent against an MS domain. managed via Panorama.

Started getting notifications in thes system log along the lines of 'User Group count of 7492 exceededs

Resolved! How to set CLI output in Operational mode

Hi everyone,


I'm working with different models of PaloAlto firewall (all of them have PANOS  and  I want to develop an automatic service on them to get the CLI output and parse it to get data I'm interested but, to do that as easy as possible, I want

Resolved! Packet Descriptor Atomic Size and Total Size what does number indicate??

Today we have routing issue that caused the Packet descriptor to go 100 and Caused the max CPU on 5220 to 100.

sh running resource-monitor ingress-backlogs  show

few sessions using 42/% and 39%.

atomic shows 81% total 99

I had to clear the sessions q

Resolved! 'unknown ikev2 peer - Azure

Hi,

I have several Azure sites with an active-active gateway and 2 different ip.
I have a Palo Alto pa-820 with 8.1.12 firmware, 2 interfaces with 2 different communication providers and different public ip.
What makes a tunnel ikev2, bgp and peers.

Sch

Resolved! Global protect Compatibility Check

We are planning to go with the Preferred GP version 5.0.7. As currently the users don’t have the privilege to upgrade to this version on their laptop, is it ok to first install the GP on client systems through Active Directory Group Policy and then u

Resolved! Same CLI commands with different cli output for Palo Alto Firewall

hi,

I am experiencing a strange behavior for 3 Palo Alto Firewall. The same 2 CLI commands to check if the firewall has implicit deny rule and logging in place. Commands are as follows;
#show rulebase default-security-rules interzone-default | match ac

Resolved! Is there a secure way to generate XML API tokens?

I've been trawling Google for a while now trying to find an alternate way to generate the XML API token. However there only seems to be one method to do so.

Maybe I'm a little paranoid, but it seems really insecure to send your admin username and pass