PAN-OS 10.2.9-h9 release notes and CVE-2024-3400

The addresses issues listed in the release notes ( 1/8/24) for PAN-OS 10.2.9-h9 state: 

PAN-252214 A fix was made to address CVE-2024-3400.

However this was previously stated as fixed in 10.2.9-h1.

Is this 'duplicate reporting' or does this address

Does column "PA-7000-100G-NPC-A" mean that it also performs "DPC" firewalling tasks or does it only perform network tasks such as routing and...?

In the picture that I have put of the 7000 firewall
Does column "PA-7000-100G-NPC-A" mean that it also performs "DPC" firewalling tasks or does it only perform network tasks such as routing and...?

-----------------------------------------------------

Force URL-Filter if GlobalProtect is disconnected

Hi together!

Is there a possibility to force a client to use a (local/cloud) URL-Filter if the Global Protect Client is NOT connected to the gateway?

Enforce Global Protect connection / define 40 FQDN exceptions is not really a solution.

Maybe th

PA-445 on PAN-OS 11.1.2-h3

First time posting so please bare with me.

Currently running into an issue that looks like a potential bug or an issues specifically with the PA-445 model (Support Case has been submitted and is in the works; but we'll see what happens) Two differe

BGP Route Advertisement /Export Rule

Need some help with advertising specific routes over BGP and hoping someone can help.

I have a site-to-site tunnel setup between AWS and my on-premise PA Firewall. I am receiving routes from AWS over BGP as expected. No issue there and I am able to

QOS issue error

any idea on below error.

Enviorment:-
OS - 10 2 8 h2
Model - 5220

2024-07-29 19:25:19.349 +0800 Error: gryphon_qos_perform_set(5200/gryphon_sysd.c:389): Set shaper on port 42 index 0 failed with ret -4

Load Balancing in NGFW

Hello All, I am writing to request if there is a way to perform load balancing in a firewall. Case in point an organization has two traffic links for internet lets call them link A and link B. So i need social media traffic to be rerouted to link A a

11.1.3-h2 - Post Install question

Hello,

After installing 11.1.3-h2 the Device -> Software view is different. Now I don't see the currently installed version or any more recent versions like 11.1.4. 

Is this a known issue?

Thanks,

Jon

spyware alerts for <something>.fmb.la

this just started popping up for DNS queries inside going outbound, my PA440 is dropping the packets as a spyware threat. This is quite a new development, probably last 24 hours.

Example action below:

name-of-threatid eq 'generic:com.fresh.fmb.la

Device Certificate Issues.

Hi Friends,

One of our customer is facing issues in fetching the device certificate on a PA-410 device running on PAN OS 11.0.4-h2.

We are logging into the CLI of the firewall with Super User credentials and try to fetch the certificate with the