NIPS

How do we identify NIPS logs among Paloalto Firewall logs ?

Firewalls communicating to public IPs on Management Interface

We are currently seeing the Management Plane of our Palo Alto Firewalls communicating to the following IP-Addresses:

• 34.96.84.34
• 107.178.249.217
• 35.238.108.32 

This communication occurs on different Platforms. We see more activity since PAN-OS 10, curr

AWS-Palo VPN Phase-2 Rekeying

HI Team

We have an issue with AWS Site to Site VPN, where we can see continuous rekeying of Phase-2 tunnels. It's a PA-3220 HA pair. It started happening recently as we can see previously the rekey did happen only after the Lifetime expired (Phase-

Can't use existing 'Object Group' in new Policies on 11.1.2

I'm converting from ASA to the PA 3410 running 11.1.2 code.
I am frustrated by the fact that every time I write a new policy/rule, I cannot use an already established 'Object Group' as the code forces me to make yet another new "Obj Group' even if it

User-ID Redistribution Agent : Close Connection to Agent

I am getting high severity alerts for user id connection agent Failure - Redistribution Agent <Agent Name> (Vsys1):Close Connection to Agent. Would appreciate if anyone can help me understand the log to check if the issue occurred due to firewall or

Need to upgrade PA 440 Firewall

I need to upgrade PA 440 from the software version 10.1.6-h6 to version 10.2.8 can you please provide me the plan.

Palo Alto PA 5220 running on 10.1.10 H2 is not mounting /dev/sd9 partition

When we booted up the firewall we're getting an error that AutoCommit failed to complete. This was seen while mounting the raid partitions, specifically /dev/sd9. After referring the documentation existing on Palo Alto community, in the link https://

Show IPsec tunnle uptime duration

how we can check IPsec tunnel uptime duration on PA as like on ASA we can see using show vpn-sessiondb detail l2l.

Regards,

Sufiyan

Planning to set the API key lifetime rotation - Authentication settings

Hi Team,

I have configured the API key lifetime which is set to never expire. Based on the advisories I am planning to set the key lifetime rotation.

The question comes to my mind is, if I setup the key lifetime rotation will it impact the existing

PAN OS 8.1.25-h3 for PA-850

Hello Everyone, 

In one of the branch, we are having PA-850 firewall with firmware 8.1.13 version running on it. Because of the organization limitation, there is no internet on the firewall so we couldn't actively upgarde the firmware version. Now

IPsec tunnel PA-Forcepoint Up but no traffic passing through

Hi ,

I'm configuring an ipsec tunnel between PA-5410  (route based )and Forcepoint Firewall (policy based), and showing up but when i try to ping from LAN-to-LAN i could not recieve any trafic or logs . from system log,

 ""PSec key deleted. Deleted

SIP TRunk over PA6-440 not working

Hi

we have just migrated from Cisco ASA to palo alto 440 firewall

we have a SIP trunk between IP telephony server CUCM installed on our site and another installed on remote site

the communication is done over a tunnel ipsec VPN

from our site we can p