IP to local address object/hostname resolution.

Prior to an upgrade Panorama was able to resolve an IP address to the host/object name of a local address object.
For some reason, the resolution has stopped working and support seems to not know what I am referring to but yet it is discussed here 

htt

Python Script

From Pan-OS 8.0 - 8.1.6, there is a bug when using FQDN's in rule sets.  Until we're ready to upgrade, I need to run a script to force a FQDN refresh, cli is "request system fqdn refresh force yes".  I'm really new to Python, but have created my API

NAT Only works part of the time

Ok, Who knows what's going here...Here is my Scenario..

We're looking at a new Phone Platform and I'm only able to get a NAT to work part of the time.  First, when the IP Phone loads, internal address of 172.23.1.1, It connects out to the Platform IP

SSH connection drops randomly

An SSH connection to a particular server drops randomly (usually 20-60 seconds after login). Between the client and the server is a Palo Alto firewall with SSH decryption disabled.

What I tried so far

 - regenerated ssh keys on the server
 - added to se

PA-5220 Decryption Performance Degradation

We have a cluster of PA-5220 firewalls with SSL decryption activated. When initiating a communication across the firewall using a decrypted protocol (scp, HTTPs, etc.) we get 5x slower connections compared to the unencrypted versions of the procotol.

remote vpn on iphone and android config?

i successfully configured remote vpn client for windows to function but the customer is asking for vpn using mobile phones? would it work with the exist configuration? or does it need other kind of configuration? does the mobile phone pull the client

SSL Expired Cert and SSL decryption

We have vendor site which we access.

Recently their SSL cert expired and when I try to access that website chrome shows cert is invalid and still in brower it shows

it is decrypting the website and i can see the PA cert there.

Traffic log shows isessi

Dynamic External Lists for Hostnames

Trying to figure out the best way to accomplish a task. 

1. We have a "Suspicious" rule on our firewall that should be where we place hostnames for users that are observed to have questionable traffic.
2. This will be a dynamic list that will be updated by a

Lost communications via HTTPS

Hello all,

I had a problem with a PA-220, version 8.0.9.
Suddenly I lost HTTPS service for the management interface, It was still working but I only had access via SSH.
When I entered #show deviceconfig system service I couldn't see the services HTTPS &...