Change Geolocation IP Address

Hi When going to threatvault -> IP Feed our customer noticed his IP is wrongfully shown as US. How and where would one request to update the feed? Thanks,

SAML authentication with cookies won´t work

Dear community, In our globalprotect setup, we have client certificate authentication in the portal (transparent for user) and SAML authentication in the gatewayWe have enabled cookies in the gateway, so after first SAML authentication, the firewall won´t intitiate authentication again wile cookie lifetime is available.We have disabled single ...

GP with saml authentication always redirects to idp

Hi community! In our globalprotect configuration, with SAML authentication and cookies in both portal and gateway, we observe that the firewall will redirect to the idp always, regardless of using cookies for authentication. We can see in the GP logs the cookies are being used but in the auth.log we see the redirection from firewall to idp. Th...

Existing traffic stops suddenly, and changing of interface MTU resolved it.

Hi Community, I have query related to the current issue. I need to dig it more and want to know about the behavior of issue.Issue: one of the public website is stopped working suddenly, and user unable to access the site.Behavior is previously it was working and the same MTU value, but its stopped.I got to know with the counter below client hell...

Account Permisison

Team,After logging in I am unable to access the following areas, please see the attach image: -Costumer support -Knowledge Base Could some please provide guidance on how to solve this issue? Thank you in advance.

Beginner Question Best Way to Structure Policy Design in Palo Alto Firewalls

Hi everyone, I’m fairly new to Palo Alto Networks firewalls and currently learning PAN-OS concepts in a lab environment. Right now I’m trying to understand the best approach for structuring security policies properly. I understand the basics (zones, rules, objects), but I’m a bit unsure how to design policies in a clean and scalable way for real...

Cloud NGFW: Mandatory Panorama Upgrade to 11.2.7-h4 or higher for managing Cloud NGFW Firewalls.

Mandatory Panorama Upgrade to 11.2.7-h4 or higher for managing Cloud NGFW Firewalls Symptom Panorama may see issues managing Cloud NGFW for AWS and Azure Firewall Resources if not upgraded to version 11.2.7-h4 or later by April 07, 2026. For Cloud NGFW for AWS, Panorama Managed Firewall Resources may see issues if Panorama AWS Plugin is not u...

EDL Capacity Reached but Lists Show Empty / Default Entry (0.0.0.0/32) – Panorama Multi-VSYS Setup Post:

Hi Everyone, I am currently facing an issue with External Dynamic Lists (EDLs) in a Panorama-managed multi-vsys firewall setup and would appreciate your guidance. Scenario: EDLs are configured on Panorama and pushed to a multi-vsys managed firewall. The EDL source URLs are reachable, and the .txt files contain valid IP entries. The EDLs are cor...

Global Protect application blank screen

Hello Members, Can anyone help me to solve the global protect blank screen issue on my PC, as for others it normally works fine. I am using Windows 11 and I have already removed and re-installed the GP App but still it shows a blank screen and I am not getting the login page to enter credentials and login to the GP VPN. Thanks in advance.

Internal error during selective push config generation

We are currently seeing the following message when issuing a commit & push from Panorama 'Internal error during selective push config generation'. Panorama has recently been upgraded to 11.2.11. Another LiveCommunity post describes a similar error message appearing in 10.2 but it is not quite the same. - https://live.paloaltonetworks.co...

First-time poster exploring best practices for security design in PAN-OS environments

Hi everyone, I’m new to the **Palo Alto Networks community and currently learning my way around firewall policy design and general architecture concepts. Right now I’m trying to better understand how experienced engineers approach things like: structuring security policies in a clean and scalable way balancing simplicity vs. granularity in rule...

Beginner Question Understanding Basic NAT and Traffic Flow in Palo Alto Firewall

Hi everyone, I’m currently learning Palo Alto Networks firewall basics and trying to better understand how NAT and security policies interact in real traffic flow. I have a simple setup where internal users access the internet through a NAT rule, but I’m a bit confused about the order of operations and how the firewall decides when to apply NAT ...

I'd like to download global protect 6.2.6-838

PA1420 HA Mode stucks in Initial (HA Initializing) mode for too long

HI All, We have an Active Passive PA-1420 which is connected together via H1-A and H1-B together. But when we restart the nodes or either of the nodes, the Passive PA stucks in Initial (HA Initializing) mode for too long. The last time i checked We restarted the devices at 12:25:00 and I last time checked 1:00:00 it was still in the same m...