PAN DB URL Filtering - HA

Has anyone in an active/passive HA cluster experienced all urls logs being catergorized as 'not-resolved' after failing over to the passive box? We have had this happen multiple times now, to fix the issue we have re-download the seed database under

Decryption problem

We have such a problem with Microsoft Exchange OWA which we have recently published through Palo Alto.We have installed certificates with private keys,created necessary rules for PBF and NAT.

Everything is working fine except decryption.We can see in

SSL Decryption Session Limit

Hello 

We are planning to implement the SSL Decryption in our Enviornment. We would like to know how the session limit is counted in the firewall. 

Also is there any session limit for the PAN OS 7.1.3 and if yes what is it.

Also if we upgrade to vers

Palo Alto MPLS failover

Please give me a best Solution

I have one Palo alto firewall and Branch end Cyberoam 

I need to do MPLS VPN Failover between both device any suggetion it will work or not

palo alto MPLS supported or not ?

Thanks regrards

Hiroli Mohsin

Global protect problem in MAC

There is some problem regarding global protect in mac comps

not asked for username and password

Skype audio and video problem

hello

We have some problem with skype.Inside the company we can use skype application.But when we try to call by skype outside the company call and video dont work onle chat.But inside network we can use all features.

When we test the skype without Pa

Is there any easy way to check Daily Log and how Retention working?

Expect this stupid calculation - https://live.paloaltonetworks.com/t5/Management-Articles/Panorama-Sizing-and-Design-Guide/ta-p/72181

 Is there any easy to check log capacity depending on daily, weekly, monthly? this is so ridiciluous that doing calc

Talos Blacklist

I am trying to create a miner/processor/output nodes for the talos black list ( https://talosintelligence.com/documents/ip-blacklist ) and am failing. Has anyone got this to work?

One GP portal, forward select users to alternate firewall zone?

Hi all,

We currently have a single GlobalProtect gateway, single portal VPN configuration which happens to work really well (currently running on a single PA-3020). This gateway/portal combination first authenticates against LDAP (employees) and then

Amazon Echo Alexa video calling issues

I'm a current Palo Alto Home user.  I've been able to figure out issues with current APP ID's that are not listed for most home use for IOT devices.  I'm trying to see if anyone has figured out how to let Amazon Echo Alexa Video calls go through usin

Email config audit on change.

On our old firewalls we used KIWI CATTOOLS to pick up configs hourly and compare them for differences, this sort of works on the Palo but each night it seems to generate strange changes in the configs.

Ideally I would want to send out the config audi