Query on Load configuration snapshot operation

Hi,

We are trying to take config backup in firewall. We have saved named config snapshot with name lets say "config" . As next step instead of doing export named configuration snapshot we have selected Load named configuration snapshot and loaded pre

New software 11.1.6-h3 network issue

Hi guys，

May I ask if any of you are currently using the latest  preferred version 11.1.6-h3?

Recently, I upgraded my firewall from 11.1.4-h9 to 11.1.6-h3 in my lab (VM workstation environment), and my firewall has become very slow.

I am unable

APP ID

Hello Techie,

I've one generic query related to aap id feature, one of the PA docs says it requires 4packets or 2000bytes to identify any single applications where in live scenerio I do see see it works with only 1 single layer 7 packet(C2S/S2C) ca

Decryption: List of App-IDs that require decryption

This is a re-post of an earlier post of mine that has been buried, but this time with a little more context.

Is there already a central location where all app-ids that require decryption to use/discover are listed? It's called out in the content re

Restart button is grayed out under both IKE Info and Tunnel Info on IPSec tunnels

Hello folks,

I am not sure when this happened but I suspect it when we upgraded to PAN-OS 11.1.3.

On my PA-3250 when I go into Network > IPSec Tunnels in PAN-OS, and then click either IKE Info or Tunnel Info, I am no longer able to restart the connec

license for PA-220

Hi,

I am a private user, and wanted to purchase the PA -220 device. but I wanted to know where should I go to purchase the basic threat protection license for this device?  am based in Italy and probabaly would be easier if there is some online store

External Dynamic List is not showing while creating a policy.

I am trying to create an external dynamic list to block incoming traffic from some IPs. I have created an EDL list listening to a server on LAN to fetch the IPs. However when I am trying to create a policy the EDL option is not showing under the drop

Soft and hard lifetime in IPSec

Hi,

I think I understand what is soft lifetime, but I can't see anywhere in Ipsec config to set it, is it something that palo alto set by default based on the hard lifetime.

Also having some issues with my tunnel and when set the debug the soft lif

Tunnel inside of Tunnel

I have a site to site configure and tunnel established between palo alto and juniper vsrx.  I am trying to route an IPSec tunnel through the existing tunnel.  I am able to ping through the existing tunnels so connectivity exist.  I have applied and "

OUTLOOK.EXE

Hello Everyone,

can someone provide me with information why this Executable (OUTLOOK.EXE9 is generating alarms in Cortex?

Thanks

DNS-related issues - PAN-OS 11.1.6-h3

Hi,

We’ve been facing some DNS-related issues on one of our Palo Alto firewalls running PAN-OS 11.1.6-h3. Specifically, we’re seeing this event:

PAN_ELOG_EVENT_DNS_CLOUD_TIMEOUT Description: DNS Security cloud query timeout Type: dns-security Sev

Conditional Advertisement, Revert Back Options

Good day all, I was working with PA support I may be just be getting confused with the information.

I'm trying to use conditional advertisement to advertise a single subnet via BGP only when another a particular learned route is down. I got this po

I have a question about capture conditions, etc. when using packet dump in IPSec VPN.

Hi

I am experiencing latency between Palo Alto of internal server and peer of internal server in IPSec and am trying to perform packet dump on Palo Alto firewall.

And I performed packet dump with the following conditions

However, Syn and Ack pack

URL filtering is not functioning as expected.

Hello Team,

We are experiencing an issue with URL filtering on a Palo Alto PA-440 running version 11.1.4 -h7. Despite having valid licenses, URL filtering is not functioning as expected.

Here’s what we’ve tried so far:

1. Cleared the cache and deleted