SNMP BULK REQUEST

Hi,

Is there any way to disable SNMP Bulk request on 1410 with PANOS 11.1.4-h1. I am unable to see any option in Device --> Setup --> Operation --> SNMP

Duplicate DNS packets

I'm encountering and issue where we are seeing duplicate DNS (UDP) packets coming out of the palo to the resolving server. Specifically TXT records with multiple packets at the server (resolver) side vs. the normal request/response. At the client sid

Bonjour mDNS Reflector Layer 3 Vlan Interface

Just curious if anyone out there knows why Palo Alto has never implemented the Bonjour Reflector feature in Layer 3 Vlan interfaces.

PAN implemented this a long time ago but it is only available on physical Layer 3 interfaces (or subinterfaces) or

How to allow a user only to push the changes made by him/her on Panorama

Hi Team,

How do I allow a user to Push only the changes made by him/her.

I tried restricting the access using "Allow push for other admins" option but this is disabling the access for any push.

I've tried multiple options but none of them is helpin

PAN-OS 10.2.17 HA A/P - Mgt interface reported as duplicate IP of data interface

After installing PAN-OS 10.2.17 to a PA-440 HA A/P pair  ( to address - CVE-2025-4615 PAN-OS: Improper Neutralization of Input in the Management Web Interface . ) 'duplicate IP' system logs reported where the stated MAC address appears to be the fw m

OSPF & Static Routes

Hi, 

I have OSPF configured on PA460 firewall with profile redistributing Static. I have another redistribution profile not to redistribute certain subnets/routes. Now I want to add some new routes with metric higher than that of OSPF. Will these rou

LACP Features on Palo Alto Firewall

Hi Team,

I would like to ask whether the Palo Alto Firewall has the following two features:

1. LACP Graceful Shutdown

2. LACP Suspend Individual

Regards and Thank you

NGFW 

Which model is the rack mount kit for the PA-510?

In the datasheet, the rack mount kit for the PA-510 is listed as “PAN-PA-400-RACKTRAY”, but in the technical documentation, it’s written as “PAN-1RU-4POST-RACK-10.”
Is there a qualified Palo Alto Networks staff member who can confirm which one is actu

possibility of secure MQTT's decryption at Palo alto firewall

how can we decrypt MQTT's port 8883 traffic at palo alto firewall, or is it possible.

Palo Alto CGNAT block issues with GeoBlock rule

We just migrationed from Cisco Firepower:

We have some Negate Geo block rules that will block any country that is NOT on the lists of allowed, but now it is unintentinally blocking CGNAT addresses. We would still like to only allow US CGNAT's but the

Link and traffic priority on palo alto

Hi All,

We are using one isp link for internet browsing and 2 site to site tunnel. Now we have procure another isp link and want to configure it as a primary for internet traffic and one location (India) site to site vpn.

Below my approach to achieve

Issues with SSH and Telnet access only on the passive firewall. GUI access is working fine.

I’m having an issue accessing the passive firewall in my cluster via SSH or Telnet. I can access it normally through the GUI and authenticate using LDAP or my local admin user. The active firewall authenticates both GUI and CLI without any problems.

Abnormal display of traffic log BYTES filed

The customer found that some traffic logs have extremely large bytes, reaching 281.5T,

Looking at the log details, it was found that:

Question 1：

Details:

Type end

Bytes 281474976579754  ---- I think this is an incorrect display?

Bytes Received

validation error "poe unexpected here"

I'm trying to push policy from Panorama (11.1.6) to a PA-440 (10.2.13).  In Panorama, when looking at the config of an interface such as Ethernet1/1, it has a tick box for "PoE". However, on the same dialog on the PA-440 there is no PoE depicted. Now