Application Dependency Warnings different between two firewalls - HELP!

Hi all,

I am consolidating a lot of old, messy URL/App rules written by my predecessors.  I have one rule that is the URL filtering rule for "unauthenticated" users (i.e., those that aren't identified by the User Agents.)  It allows "any" appliation.

Connection Dropped intermittenty in Active/Active VM Series

Hi 

I have Palo alto vm series 8.1.0 installed with Active/Active HA setup. 

All the interfaces and vlans have come up and ableto access the zones hosts. 

But the connection getting dropped very frequently. say like, if i try reaching any other zones 

arp entry on virtual router

We experienced a loss of routing of two virtual server and their arp to IP information had to be added to a virtual router to get it to route. Any ideas how this could occur?

Application Submittal

First, awesome service that they do here.  I submitted an application a few months ago and the first version made it in to a content release within a month or so.

I'm wondering though if the form we use to submit couldn't use an extra field for "Note

Decrypt error (soap)

Hi,

We realised that we are receiving decrypt errors accessing to O365 from inside to outside. We are doing decrypt in sessions. But we dont know why the sessions are finished with "decrypt-error".

Any idea?

PAN Version recommended

Hello,

This is Paul Castro from ITstrap Mexico, i would like to know if there are a KB or documents to know wich are the recommended Operating System to install in different model devices.

For example:

PAN 200 install 4.1.6 PAN version "recommended"

PAN

rule being matched incorrectly and allowed on ANY url

Why is this traffic matching "RULE 108" when URL_Category is not matched?

Speed Issue due to QoS

Hello,

I am experiencing speed issues that I believe may be related to the current QoS configuration on my PA-3020 firewall. I currently have 2 different QoS classes defined: Class 1 & 2. I have three applications under class 1, and one application u

user id not identifying user correctly

Hi All,

In the middle of a domain migration and users that have been migrated are not being identified correctly. The user that is logged into the new domain gets a blocked message but on the blocked message where it displays the username it shows the

Web-browsing application being identified instead of SSL on port 443.

We just noticed that in our traffic logs there is traffic with the web-browsing application identified with a destination port of 443. The rule it is hitting on is only a port based rule with 80 and 443 as dest ports. 

My question is why would the tr

Setting GlobalProtect interface mtu

Is there a group policy setting or any way to set the MTU on the tunnel adapter on a Windows client other than doing it manually?

Thanks