Identifying Source IP Addresses for Routing Palo Alto Firewall Logs to an Azure Collector via IPSec Tunnel

Hello,

As part of the implementation of log forwarding to an Azure collector, we would like to identify the source IP addresses currently used for routing logs from our equipment.

An IPSec tunnel is already in place between the front-end and Azur

Questions Regarding Output Difference in "show ctd-agent status security-client" Command

Hi Team,

I have a question regarding the output of the “show ctd-agent status security-client” command.
My understanding is that this command displays the connection status between the firewall and the content cloud.
In our customer’s environment, I

Request: List of GTIN / UPC Barcodes for Palo Alto Networks Products

Hi everyone,

I’m looking for a complete list (or official source) of GTIN / UPC barcodes for Palo Alto Networks products — including firewalls and accessories.

We’re integrating Palo Alto products into an eCommerce catalog and would like to ensure ba

THREAT MAP on GUI is unable to export

Attention: Global TPM team,

THREAT MAP on GUI is unable to export in PAN-OS 11.1.12.
I found the below issue. In PAN-OS 11.1, when do this issue fix?

// PAN-OS 11.2.8 Addressed Issues
https://docs.paloaltonetworks.com/pan-os/11-2/pan-os-release-notes

"PANDB Cloud Agent Server certificate validation failed. Dest Addr: , Reason: unable to get local issuer certificate"

My PA-3410 is showing me the following error "PANDB Cloud Agent Server certificate validation failed. Dest Addr: , Reason: unable to get local issuer certificate"

sw-version: 10.2.13-h5

resources-unavailable for DNS-base traffic

Model: Palo Alto PA-3420
Software version: 11.2.4-h1

Most of our dns-base traffic has the "session end reason" resources-unavailable suddenly. We're also having trouble loading webpages. The resources-unavailable reason is only on DNS-base traffic a

Feature Request List

Hi community

In a lot of topics there are discussions and questions about PAN-OS enhancements and missing (not yet implemented) features. So far the PaloAlto Feature Request list isn't available to the public but in a lot of these existing topics f

Clarification Needed on Multiple Static NAT Rules with the Same Public IP Address

Hi Community,

I’m working with a customer who had previously configured a dynamic IP source NAT rule with only one address in the pool. This setup worked as expected for just one PBX since after the first session, the public IP would be in use, limit

Restrict Individual Administrators by Interface or IP

Is there a way to restrict access for specific administrators by interface or IP address? I really thought I'd seen this somewhere, but now I cannot find it in GUI or docs.

Quick explanation of what we want to do. We want to have a sort of backdoor, e

OSPF Adjacency Fails Post Upgrade - needed new rule

OSPF failed recently after an upgrade and required a new rule to allow the ospf application between our NGFW inside zone and our core router. We moved from version 10.2.7-h8 to 10.2.7-h18 . Anyone ever seen this? 

-Nathan 

API pagination for Panorama address object

Hi All,

I am trying to confirm what is max number of entries can API query return for address object .
Like we have around 50k address , will API query will fetch all data in single page or it will fetch specific number of entries  ? or we need to use