App-ID - ms-rdp not allowed, traffic being blocked as cotp

Hi All,

Were running 7.1.14. 

Ive created a rule to allowed ms-rdp to the rule. Ive checked first if ms-rdp has any dependencies, there is none. It implicitly uses cotp and t.120.

So from what i understand from the meaning of Implicitly uses, i only n

Usage Difference between SSL Forward Proxy and Inbound Inspection Decryption mode

Hello

i have read the articles regarding the types of ssl decryption:

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClV8CAK

https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/decryption/decryption-concepts/ssl-forwar

Template Stacks for HA (Active\Passive)

Looking to deploy template stacks to all of our managed firewalls from our Panorama 8.1.x. I am wondering how to deploy STACKs with values unique to each individual in a HA (active\passive) pair. Some settings would include:

Hostname,

HA configuration

Palo Alto 8.0.7 basic ospf configuration not working with aruba switches

Folks,

              We have 2 Palo Alto FW and 4 aruba switches in the same area (area 0), we are noticing that the aruba fw is loosing neighbor relationship with the routers every couple of seconds 30-60 seconds. The configuration is very simple, an

Adding filter "?v=panosurl" broken access to all websites

Custom URL category is configured to block phishing URLs collected from Linux MineMeld server through EDL. For some reason adding filter "?v=panosurl" (https://10.9.0.60/feeds/phishing-url?v=panosurl) to retrieve URLs in PAN-OS supported format (malw

9.0.3 -h3 - Possible bug?

Hi, 

anyone had issues after updating to this version? 

We had strange behaviour accessing some websites stating that 'File Transfer Blocked' there was nothing showing in the logs. 

We rolled back to 9.0.3 and problem went away. Possible bug ?

D.

BPA First Time Configuration Merge with Production configuration

Hi Team, I have completed BPA Day one Configuration and would like to merge those best practice with my Production configuration back. Please suggest the best way to implement. thank you

Global Protect external IP address - Best practice?

Hello, 

We are a moderately-sized customer without an assigned sales or engineering resource due to account transitions.

We are in the process of moving to a new ISP and it has been suggested by internal resources, for other reasons, to utilize the s

Cisco ASA multi Context migration

I am migrating a configuration over from a Cisco ASA that uses multiple contexts and have several questions about how to replicate that in a PA.

1. The ASA's use port-channel groups and for the internal and external those are shared. On the inside in