Why paloalto-updates application is SSL now?

Since 03/April/2017 02:00 Firewall detect paloalto-updates application as SSL then firewall can't update new signatures because there is no SSL allow in policy.This problem occur to my 3 customer now.

Do anyone have the same problems?

Customer 1Custo

ike-generic-event-remote address mismatched. db=49.224.86.11[24497], act=49.224.86.11[4173]'

Trying to establish ipsec tunnel comes up and then disconnects after above msg.

Other side has roming sim in the 4g router.

What does db and act means.

I have tried enabling NAT-T on my side but didnt help.

high management plane with using acc

I was running a 7 day query on the application ssh and noticed that the management plane level hit 99% is that normal that seems bad to me

MS Windows 'Auto-VPN' and UWP

MS Windows 10 has the concept of 'Auto VPN' which will make use of their UPW plug-in architecture.

Universal Windows Platform (UWP) VPN plug-in platform are built on top of the Windows VPN platform

I am told There are a number of Universal Windows Pl

RDP over VPN login only works after 2nd time?

I've configured and established succesfully a GlobalProtect VPN connection to my firewall (PA-3020). I want to create a RDP session to a server,I login to the GlobalProtect portal on my Windows 10 client and start mstsc. The first time I connect to t

Data-Filtering ALLOW

I am using PAN-OS 7.1.

I have figured out how to use basic data-filtering to block traffic with certain patterns in the payload, but I want to do the opposite. I want to configure a rule that will only ALLOW packets with a certain pattern, and automa

interface to interface connevtivity not working

hello - apologies in advance but im a newbie on Palo Altos - come from working on Check Points and Junipers and am now here tasked to set up a palo alto.  I've got my network working to where all the vlans hanging off of the PAN can ping it and it ca

Google Search

Hi

Anyone have any tips or tricks around forcing a particular country for Google search? Currently our IP address is misregistered in the Google database and we are being redirected to a foreign location. 

Thanks

Recommended PANOS version

Hi Guys,

I would like to know if there's any resources that provide information about what recommended versions of PANOS to be upgraded to or from? Also, what caveats one might face during the upgrade process?

Thank you,

Dennis

Layer 2 v. V-Wire

Anybody think of a situation where I would prefer a layer 2 connection over a vwire in a basic setup? i.e. [users]--[core switch]--[PA]--[router]

Right now I have:

([switch] --VW--[PA]--VW--[router])x4

Moving (becuase of lack of PA support for LACP L

Skype on PAN 8.0

Hi 

Has anyone had issue with Skype on PAN 8? This week we needed to bypass decryption of *.skype.com to get Skype to work on the Apple iOS Skype app (consumer Skype). Our setup inspects all ssl traffic apart from the finance /banking / health catego