System Log "'tls-X509-validation-failed"

Dear All,

As today 31-May, 2024, From PA Firewall it show system log on "tls-X509-validation-failed" CloudAuthService Server certificate validation failed. Dest Addr: app-registry-service.apps.paloaltonetworks.com, Reason: unable to get local issue

VPN over Multiple ISP connections

Hi,

I am new to the PA world and I have the following design been given to setup. I am trying to find the best way to do this. I have done in Fortinet by creating SDWAN interface and it worked but not sure if Palo has the same kind of setup. If som

Log Retention for PA-1400

Hi,

Specifically for PA-1420, I aware the storage capacity is 240GB. Is there anyway I can know the duration of log retention for 700 users?

From what I understand, log retention is affected by the space on disk, not on the number of user. When y

Send File to CDL Receiver Failed

Hi all,

I have a PA-440 currently at 10.2.7-h3. 

After performing PAN-OS upgrade, there is an error on telemetry stating "Send File to CDL Receiver Failed". 

I found a similar article and applied the suggestion by retrieving the license key

Unable to get PCCET Certificate

Dear ALL,

I have completed all my exam for PCCET certificate but i am unable to get the PCCET certificate.

i have completed below exam and attached the certificate.

SASE Fundamentals

Cybersecurity Fundamentals

Security Operations Fundamentals

Cloud S

URL Logs do not appear for more than 3 days

User Activity sharing the URL logs for only the last three days, even after editing the log storage and retention setting for the URL summary.

Allow dark trace rst packets

We have a 5220 at the core of our network making east / west decisions between LAN segments and dark trace (DT) appliance. I currently have the DT appliance configured to take autonomous action with DT respond.  One of the ways DT enforces this is by

can not create Costomer Application to override google-cloud-storage-base for specific URLs

Hello everyone,

On a required page the application google-cloud-storage-base is used as CDN:
https://storage.googleapis.com/abc-bca-ger/uploads/....
At the same time, the google-cloud-storage-base application should be blocked for all other purposes.

traffic does not appear in 3260 module

traffic in monitor tab does not appear. After rebooting the firewall, it appears for only 1 day and does not appear after that.

We checked the retention and max quota and also, we checked the storage, and all is good. The problem starts after upgradin

VPN Performance over Prisma Access : slow downloads

Hi,

Can somebody tell met what you can expect from downloading a file over prisma access backbone.

Our datacenter is connected to service connection and when I try to download a 200 Mbps file from the datacenter to a remote network located in the s

Firewall already registered and upgrade path

Hello we have got a customer and they have purchased 5 X PA1400 series 

Customer has CSP account and he registered one PA and it went well

but when he tried to register 2nd PA , it shows This serial number is already registered .

How is this po

How could i drop"unknown RADIUS authentication protocol"?

Hi!

Recently we were receiving in our environment alerts of failed authentications from different random IP's and random usernames, i was able to reduce them following the next article: Detecting Brute Force Attack on GlobalProtect Portal Page - Know

Radius Authentication Profile

hello 

I am configuring a GP gateway for Radius Authentication 

I am using the CLI test authentication command to test 

I can ping the Radius host and confirmed Secret 

my troubleshooting shows packets allowed by the Security policy 

I cannot see any

PA-3260 HA firewalls flapping - Dataplane restarts, PanOS-10.2.5

Hello Experts

We have a pair of HA PA-3260 firewalls and we are running into issues of multiple random dataplane restarts causing HA failover. We were initially on 10.2.4-h2 and after facing the issue with random restarts decided to upgrade to the