Issue with IOS 26 and SMTP

Hi everyone,

We are experiencing a persistent issue with SMTP sending from iOS devices (specifically 26.1) when SSL Forward Proxy / Decryption is enabled on the firewall(10.2.16-h4).

Is there any bug or limitation published related to this?

Thanks

ChatGPT User-ID, AD and IP mapping issue

There is an issue with Palo Alto firewall which has to do with user IP mapping and AD. User is grated access via policy in the format source-user = corp\employee. After that's done, the user works fine today accessing ChatGPT but then the user is not

Clarification Needed: PAN-OS 11.2.x Vulnerability Status and Mitigation

1) Version Clarification 
Is PAN-OS 11.2.x (specifically 11.2.4-h1) affected by CVE-2023-48795 (Terrapin SSH Attack)? The advisory lists up to 11.1.x but does not mention 11.2.x. 
2) Mitigation Confirmation 
If 11.2.x is affected, does disabling chach

Error log ": MLAV Server certificate validation failed. " received

Hello Team,

   Just few hours ago we have upgraded our pa 1410 panos from ver 11.1.10-h1 to 11.1.12 recommended by tac to solve error log "devsrsr: virtual memory limit exceeded, restarting ".

Now through these few hours after apparently a successful

PAN-OS 10.2.17 HA A/P - Mgt interface reported as duplicate IP of data interface

After installing PAN-OS 10.2.17 to a PA-440 HA A/P pair  ( to address - CVE-2025-4615 PAN-OS: Improper Neutralization of Input in the Management Web Interface . ) 'duplicate IP' system logs reported where the stated MAC address appears to be the fw m

Issue with call recording (flow_predict_convert_rtp_drop)

Hi Team,

We’ve been experiencing issues with the communication between a Cisco softphone and the call recorder. Below is the scenario and a description of the problem:

1. When users place calls from a Cisco softphone, the call is established successfully,

SNMP BULK REQUEST

Hi,

Is there any way to disable SNMP Bulk request on 1410 with PANOS 11.1.4-h1. I am unable to see any option in Device --> Setup --> Operation --> SNMP

Bonjour mDNS Reflector Layer 3 Vlan Interface

Just curious if anyone out there knows why Palo Alto has never implemented the Bonjour Reflector feature in Layer 3 Vlan interfaces.

PAN implemented this a long time ago but it is only available on physical Layer 3 interfaces (or subinterfaces) or

How to allow a user only to push the changes made by him/her on Panorama

Hi Team,

How do I allow a user to Push only the changes made by him/her.

I tried restricting the access using "Allow push for other admins" option but this is disabling the access for any push.

I've tried multiple options but none of them is helpin

OSPF & Static Routes

Hi, 

I have OSPF configured on PA460 firewall with profile redistributing Static. I have another redistribution profile not to redistribute certain subnets/routes. Now I want to add some new routes with metric higher than that of OSPF. Will these rou

LACP Features on Palo Alto Firewall

Hi Team,

I would like to ask whether the Palo Alto Firewall has the following two features:

1. LACP Graceful Shutdown

2. LACP Suspend Individual

Regards and Thank you

NGFW 

Which model is the rack mount kit for the PA-510?

In the datasheet, the rack mount kit for the PA-510 is listed as “PAN-PA-400-RACKTRAY”, but in the technical documentation, it’s written as “PAN-1RU-4POST-RACK-10.”
Is there a qualified Palo Alto Networks staff member who can confirm which one is actu

possibility of secure MQTT's decryption at Palo alto firewall

how can we decrypt MQTT's port 8883 traffic at palo alto firewall, or is it possible.