Next-Generation Firewall Discussions

The difference between the values ​​shown in ACC and Live Session is too large.

Hi

I recently discovered something strange while checking a customer's firewall.

The customer firewall's session count typically has a count around 1.5 million.

But the firewall ACC shows a figure of 4 million

I know that ACC is not a real live c

PAN OS 11.1.4 h1 issues

The customer upgraded the PAN-OS to version 11.1.4-h1, but their MPLS link is down, similar to an interface port issue. The same problem occurred with versions 11.0.0 and 11.1.0, but on version 10.2.10, the MPLS link worked fine. The customer has man

Not able to download PCNSe certificate and badge?

Hello Palo Alto Team,

Todays, I have successfully completed PCNSE certificate. But not able to found on palo alto portal . Are we need to integrated certificate with palo alto portal. And any benefits, when I integrate it in portal.

Thanks

Yogend

Where to add Proxy ID with multiple tunnels?

Hey all,

We have 3 firewalls:

C1 = Cisco FW - Policy based S2S VPN -- subnet behind it 10.1.0.0/24

P2 = Palo FW - Route based S2S VPN -- subnet behind it 172.16.50.0/24

C3 = Cisco FW - Policy based S2S VPN -- subnet behind it 192.168.20.0/24

We hav

write a query for this specific group to track endpoint incidents

Hello everyone,

I have an endpoint group named "xyz" and I need to write a query for this specific group to track endpoint incidents over the week. 

Thanks!
Cortex XDR NGFW 

Traffic log Category: command-and-control

hello,

can someone please explain to me why I observe logs from an external ip of Type: TRAFFIC, Category: command-and-control 

Action: drop.
Shouldn't the category trigger for connections made from inside out ?
Also, why it generates Traffic logs and

PA-400 Check software not working

Hi,

I have a standalone PA-440 device which I tried to check for upgrades to update its PANOS from 11.0.x releases to 11.1, but the check for updates never pulled any new updates from Palo Alto repositories, and all I am getting is an empty list.

in palo alto isp2 as private ip address , and gateway is not reachable

HI Team,in palo alto isp2 as private ip address dhcp , link is working fine in laptop,after connecting to firewall gate way uis not reachable,both link are in same VR , for Both isp defualt route configured, please assist me resolve the issue

Palo Alto-certified SFP check

Hello,

Normally we use the following commands to check an SFP by Palo Alto Certified or not. 

Upcoming November 18, 2024 Deadline for User-ID and Terminal Server (TS) Agent Certificate Expiration

we have PA-3250 running PAN-OS 10.1.10-h1, please advise that User-ID and Terminal Server (TS) Agent Certificate Expiration will affect our services ? or  should i need to upgrade firewall which version?

PAN OS Issues with MPLS Link

We noticed that the customer’s environment had an upgrade of the PA-440 to PAN-OS 11.1.4-h1, but they experienced an MPLS link-down issue. The same issue was observed on the remaining four firewalls. After downgrading to PAN-OS 10.2.10, the MPLS link