Wait time

What's up with the horrendous wait time to speak to a tech regarding a case? Been on hold for over two hours.

Getting Inbound connections from Malicious Palo Alto IP

Hello all,I've recently detected inbound traffic from an IP address 147.185.132.201 where the ISP is showing as Palo Alto Networks, Inc. The IP has a malicious reputation over VT, AbuseIPDB, and IPVoid. Can anyone with information about this IP address share their insights? Have you noticed any unusual activity associated with this IP? Are there...

Certificate Expired Warning in Deploy but all certificates are good

The Sub CA Certificate of our old internal PKI expired a few days ago. It didn't have any impact and wasn't a security risk, but today i cleaned everything up. Problem is, i still get a warning on one of our firewalls. Certificate %redacted% in shared expired on %redacted% I triple checked the configuration and the new certificate i configur...

AIOps page is showing blank

OpenConfig automatically installed with 10.2.11-hx upgrade

We installed 10.2.11-h6 on a pair of virtual firewalls and the OpenConfig plugin was automatically installed and a new Device Administrator user called __OpenConfig was added. Is this documented anywhere? I can't find it. And why do I need this plugin?

VM series log not detected in Azure Sentinel

Here’s the problem statement: 1] If Syslog UDP 514 is configured in PAN FW on-prem and vm-series, There were missing logs in AZ Sentinel, Incomplete logs is experienced and there were packets fragmentation.2] MS Sentinel support recommended to changed syslog transport UDP to TCP 514.3] If Syslog TCP 514 is configured in PAN FW, On-prem able to s...

DHCP Relay - Users unable to get IP address until I delete and re-add the servers

There are plenty of IP addresses and not that many users, and sometimes the users are unable to get an IP address, but when I delete and re-add the servers in the DCHP relay, they are able to get IP addresses again, this happens frequently on and off.

Google URLs not-resolved

I know this has happened a few times over the last year but is anyone currently experiencing issues with various google urls getting flagged as not-resolved again? The ones that seem to be popping up the most for use are various drive.google.com, docs.google.com and googleapis.com. Cli shows base-db as not resolved and cloud db shows correct. ...

cannot commit as one service keeps shutting down

first here is the specs: Firewall : Pa1410 version : 11.2.4-h1 here is all the details of the issue : 1- device > syslog -> syslog profile -> custom log format -> and changed the default format of GlobalProtect to location=$location, portal=$portal, actionflags=$actionflags, attempted_gateways=$attempted_gateways, auth_method=...

Blocking unknown devices that are not within the domain

Hello everyone, I am a Palo Alto PA-450 user. In our organization, we removed around 20 computers from the domain due to their outdated versions. However, these computers continue to log in using the credentials of the last user who logged in while they were still in the domain. This is not a major issue for us. The problem is that these compute...