DNS-Proxy vs management dns queries

Hi,
We have a fw on 11.1.12 and we are seeing behaviour we don't expect.
The management is set to use an internal dns server.
We have proxy-dns objects that use EXTERNAL dns servers for our public wifi network.
We see that when a client on this network w

Not able to download PCNSe certificate and badge?

Hello Palo Alto Team,

Todays, I have successfully completed PCNSE certificate. But not able to found on palo alto portal . Are we need to integrated certificate with palo alto portal. And any benefits, when I integrate it in portal.

Thanks

Yogend

gov.in Website not accessible

Hi Guys,

I have a case in which customer not able to access Karnataka gov websites.

We have created any-any test rule as well. Despite that still website not accessible.

Also, not able to see any packets drop counter and pcaps on firewall.

In

Mist AP and user-id

Hello all,

I'm trying to get our new Juniper Mist ap's to work with user-id on a PA440, from reading around I see that only AD joined devices will work with user-id, and that's how its been for us for a while now, but we got the Juniper AP's and look

Safe to upgrade to PAN-OS 11.1.6-h20?

Was sent a recommendation by our cyber guy to upgrade from current PAN-OS version 10.2.14-h1 to 11.1.6-h20.  Read about some issues with 11.1.6 and wanted to get expert input on this version.  Thank you!!

Header Fields for Syslog for Rapid7

I'm troubleshooting an issue with Rapid7 ingestion of our logs from our Palo Alto firewalls into what they call an "IDS log."  We need to write a custom parser to properly parse the source data, but that means we need the headers for all of the field

Anti virus profile not able to scan a file?

While Studying PCNSE and the topic is 

Using PA FW AV & WildFire

I notice that the anti virus profile was not able to block the eicar.com file that keith barker downloaded on the FW.

He created a decryption policy in order to block that file.

On

How to check cortex agent content update date on endpoint

Hi Team,

Anyone has an idea how to check the content update date in endpoint please note not in the cortex management console i want to check the last content update date in endpoint.

2 LANs are not reachable to eachother

In Palo Alto Firewall, we are facing an issue. we have configured 2 LANs and 2 WANs. working fine even load balancing also works.
But LANs cannot ping/reachable with eachother. even both lans having internet access.
How can we configured that LAN can r

Outbound SSL Decryption Quirk

Hello,

I have established an outbound SSL decrypt policy that I have enabled for only myself as I test functionality. Over the past few months, I've noticed a quirk that I'm unsure of the reasoning behind. With the policy enabled, sometimes connect

Regarding the support for Cisco ISE integration with PAN-OS 12.x.

Hello, ExpertI have a question regarding the support for Cisco ISE integration with PAN-OS 12.x.

In the PAN-OS 11.0 (EoL) documentation, it appears that integration with Cisco ISE (TrustSec) is supported through the Panorama Plugin:
https://docs.paloa

Azure "az" command and decryption

Hello, All.

Working on Windows. A few days ago, tried to understand why the Microsoft Azure CLI "az" command line program was not working with decryption behind our PAN OS 10.2.10.

• Azure CLI is a python tool. I am currently running v2.77 (latest)
• I