Concurrent Policy Installation

Could someone help me from which PAN-OS version can we do Concurrent Policy installation ? 

For example : Admin A and Admin B can push 2 different Access Policy to 2 different Clusters ? 

User-ID mapping without ldap across an enterprise

Hi All,

not having the best day with thinking 

Palo Alto Scenario:

PA FW CLuster in HQ
Panorama Log Collector only in HQ
Standalone PA FW in SiteA
Standalone PA FW in SiteB
Standalone PA FW in SiteC
Standalone PA FW in SiteD

No Panorama mgmt in p

PAN HA with different SFPs

Hi Guys

quick question.. planning a pair of PA 5420's in HA - the plan was for each to have a 40gb QSFP+ module.

however on our secondary core switch we are unable to source a 40gb sfp in time.

So.. as a temp solution, will HA work if we have a 40G

Remove Domain Name from LDAP user mapping IMPOSIBLE =(

Hi

Someone know if there is a way to remove the domain name from the group mapping

The reason why is because i get from external source on palo alto the user id test1 or "test2" or "test3"

Goal is create a policy rule base on the source user that i

Type: INNR in session id detail.

Hi team,

What does INNR represents in type when looking at the session ID details.

I know that this happens at child session, when parent session ID belongs to the HTTP/2 ID.

If you guys have any idea about what INNR represents, let me know.

Threat Logs not showing specific source IP Address

Hello everyone!

Just have an issue that I can't seem to figure out.

In our threat logs, we are noticing that the source address shows the default gateway address rather than a specified address. We will get a specific address, however more often

Modified XML API for Top Users last 30days

Hi Support,

We want to get top all users for last 30 days  using XML API, how we get it?

This is XML API to get top 10 users (Worked

<type><panorama-trsum><sortby>sessions</sortby><group-by>srcuser</group-by><aggregate-by><member>src</member><me

what is the steps for SIEM integration in PA firewall

Security policy with sources on a CDN or domains with wildcard

Hello to all,

I would like to know how smart PAN admins would solve this problem:

suppose you have to allow inbound traffic from a source address that is:

- defined as a FQDN but you know from DNS that it is delivered via a CDN like cloudflare, akama

dynamic update fail 8786-8435

Hi,

Please advise if anyone face issue fail dynamic update for version 8786-8435. There are no any update for this and no error in paninstaller_content showed. I saw disk for pan config is only 33%. Anyone know what we can check more? Schedule upda

Palo Alto Machine Certificate Report for Cert-based VPN Authentication

I am looking to enable Certificate-Based VPN Authentication within our network infrastructure. Prior to implementing this feature, I would like to to run a Palo report to identify endpoints recognized by Palo Alto that possess machine certificates is

Panorama push errors None after upgrade

We recently had this issue where after upgrading firewalls to 10.1 the panorama gave a error on push to certain firewalls with description "none" which wasn't very helpful.  On further process eliminating we discovered it was only VM FW's in AWS the