Planned Service Maintenance for the Cloud Services- GlobalProtect Cloud Service infrastructure

Dear valued Palo Alto Networks customer,

Please be advised that we have a planned service maintenance for the Cloud Services- GlobalProtect Cloud Service infrastructure scheduled from 05/21/2018 8am PST to 05/23/2018 8am PST. 

We expect the service

Wired and Wi-Fi network hopping and DHCP Server default gateway route metric increases

At my remote offices, I have users that want to leave WiFi and wired on at the same time.

I have redundant PA-220's that serve as my local router and DHCP server for both wired and Wi-Fi.

The wired and wireless connections are in different networks (

Error exporting certificate: Failed to prepare certificate 'NAME_OF_CERTIFICATE' for export

Hi,

I generated the certificates on the firewall for Global protect portal and trying to export the file no matter what format, I am getting the error message saying  failedto prepare certificate. I am using windown 10 but another user accessing the

Panorama log settings wildfire is invalid error on commit failure

Hi

We are using panorama 7.1.11 to commit to a pa-2050 on 6.0.1.

The commit keeps failing both form panorama and firewall.

This is the error in the commit window and I see not such options for a setting like log fwding - profiles!

Appreciate any help

taxii._decode_object_properties ERROR - Unknown IP version

Hi all,

during the IoC import from Taxii Feed (FS-ISAC) to Minemeld through a Miner Taxii client (minemeld.ft.taxii.TaxiiClient) i've found some issue in minemeld-engine.log:

2018-05-12T15:45:05 (50697)taxii._decode_object_properties ERROR: node-Prova

2 factor authentication and radius on global protect

I see where you can do radius authentication on the global protect client, does that mean you can also do 2 factor authentication?

Global protect problem

There is such kind of error when one try to connect to portal

how it can be resolved?

Dynamic Updates only on Active HA Member.

Our active HA member failed last week, and that highlighted that the passive had a couple of minor issues with the Dynamic update configurationa and email configuration which we fixed.

Howevr it's also highlighted another issue.

Our "Content Updates"

Destination NAT for mutilple of ports in a single NAT rule

So there will be a range of ports that need to be NATTED, but on the GUI, I can only specify a single port.

Can anyone tell me if this will work if I leave the port empty like below:

set service-group "Veeam Management" members [ "Veeam 2500-2600" "Ve