Next-Generation Firewall Discussions

Meta Apps bypassing Captive Portal Authentication

Hi Everyone,

I am asking your expert advise on this issue:

We have an AP in bridge mode that is directly connected to Palo Alto. The firewall acts as the dhcp server and the AP just extends/bridges the network wirelessly. This setup is for Wirele

PANOS upgrade 10.2.10-h9, 10.2.12-h4 and 10.2.13-h2

Hi Experts,

We have PA-5450 and Panorama M-700 running on 10.2.8-h3. We are planning to upgrade PANOS to the latest code in the 10.2.X series. While reviewing the Palo Alto documentation, I found that 10.2.10-h9 is the preferred version. However, t

Interface Errors after upgrade - VM Series

Hello,

we upgraded our Palo Alto VM to 11.1.6-h1, after the upgrade the monitoring system gave us warning about the errors increasing on the Firewall interfaces but the clients did not report any issues, so it's not affecting them at all,

this is

Protecting Admin UI with Duo MFA

I'm attempting to setup Duo MFA with the admin UI of a PA-3220 running PAN-OS 10.2, but have been unsuccessful. I've found that the guide, https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/authentication/configure-multi-factor-authentication

Upgrade on the 1410 Apps failing

We have a new 1410 which has an Active Threat Prevention license and running on 11.0.2-h10. We are trying to upgrade to 11.1.6-h3. 

When I tried to update the apps, to  I am getting the error panupv2-all-apps-8953-9331. Does it need an earlier upda

Hardware Refresh from 820 to 445, able to copy config from 820 into 445?

I need to refresh an 820 to a 445 then another pair of 820s in HA to a pair of 445 in HA. Using on the box for management, no Panorama.  Can I take the configuration from the 820s and load it into the 445s? 820 are currently on 10.1.14-h8. If not, if

Well knows URLs are getting marked as not-resolved and traffic getting blocked in Advanced URL Filtering in PA-450 box

We recently implemented a PA-450 firewall box in the organization and well knows URLs are getting marked as not-resolved and traffic getting blocked in Advanced URL Filtering. Any certain configurations we need to modify to avoid this? Find more info

Many ping drops during failover

We have a setup as shown above and when we do a failover testing (power off the active firewall), we see atleast 15 ping drops when we ping devices from one vlan to another, The vlans are configured as sub-interfaces on the firewall. Switches are ju

Azure Plugin - Automation

Hi everyone,

I am searching for a way to automate the creation of Server Principals and Monitoring Definitions in the Azure Plugin Section. Does anyone know if there is a way to do that? For example via the API?

System Log High :tls-X509-validation-failed

We are receiving a system log on our PA440 suddenly:
PublicCloud Server certificate validation failed. Dest Addr: (null), Reason: unable to get local issuer certificate
we have no decryption and we have a certificate chain.

Multi Vsys Firewall config backup through API

Hi All, 

Anyone have Idea or API query to export the Full configuration on the Multi vsys Firewall. 

Unable to Login on Secondary Device in Active Passive HA Using Superuser

Hello Team,

We are currently facing an issue with logging into the secondary firewall in an Active-Passive HA setup using any superuser credentials other than the admin credentials.

When we create a new superuser account or make changes on the ac

HIP-Check for tennant id check with regestry (CID)

Hello, im trying to do a hip check for the registry of the CID for CrowdStrike. 

in this link you can find the registry path and the registry itself for the CID.

https://stackoverflow.com/questions/70030265/how-do-i-view-alphanumeric-registry-values-

PA-1400 Series Power Supply Specifications

Hello everyone,

I would like to know the following three points about the specifications of the A-1400 series power supply.

1. The maximum power consumption value is different between the PA-1400 series spec sheet and the hardware reference.

Is t