Data Base application acees is slow through IPSEC Tunnel

While I am accessing database applications like tally through the IPsec tunnel, I am getting slowness.

1 we have good ISP speed 100Mbps

2 only 5 users are accusing this application 

3 we have overridden the SMB application 

4 no packet droop found 

h

IP sec tunnel

Hi Team,

We have multiple IP-sec tunnels and want to clean up unused tunnels.

Like we have the option of an unused rule for security policy, or we will know by its hit count, is there any similar way we can find out an unused tunnel so we can delet

TSF file upload

I am trying to open a case in the portal for one of our customers and the page is not working.  I have a TSF to upload as I believe our customer has evidence of exploitation of CVE-2024-3400

Microsoft Defender Outbound traffic policy

Trying to slim down a rule for outbound traffic with clients using MS defender. I built a custom URL list of the defender urls provided by MS. Added it to the policy under service/url category. The apps used are ms-update, ssl, web-browser, windows-d

Intermittent inet connectivity after updating to 10.2.8-h3

We're currently running on 10.2.3-h9 (PA-440's in HA pair Active/Passive) with remediation steps put in place for CVE-2024-3400 and Telemetry disabled. 

We attempted to migrate to 10.2.8-h3 as it is listed as a preferred release and fix for the CVE a

PBR using Route failover

Hi All,

Our organisation purchased two Mpls link and wants to configure an PBR like such

1) All intranet traffic like dns, ntp shoud go via primary MPLS

2) All internet related traffic should go via Secondary MPLS

3) In case Primary MPLS goes dow

Diabled Application in VSYS1

I have received an high risk alert on PA3250 IOS 9.1.16  "Disabled applications in vsys1: 104apci-unnumbered-startdt-act 104apci-unnumbered-startdt-con 104apci-unnumbered-stopdt-act 104apci-unnumbered-stopdt-con 104apci-unnumbered-test-act 104apci-un

Captive Portal is not Working

I have enabled Captive portal for PA-VM 100 and configured all points related to it.

Issue raised when a user tried to connect to internet, client get error pls look in the attached snap.

Elaboration on the differences between the PAN-OS root certificate, the device certificate, and the certificate under cert management?

I've been requested to get as much information as I can on this topic, and I've found a good one on Reddit.

A piece of info that i found on reddit

It's great, but somehow I still need much more elaboration on this.

Could anyone provide me a docum

NGFW Threat & Traffics Log Fields

Hi Team, 

I am going through the traffic and threat logs of the NGFW. In the logs, I am unable to get the knowledge of the following fields " domain" & "config version". 

Not able to login into URL from behind the palo alto

Dear Team,

Greeting...!

We are trying to access one URL from behind the palo alto, it was accessible but we are not able to log in to that URL, and when we checked using a mobile hotspot it was login successfully.

Additionally, we checked the t

Need clarification on URL Filtering logs

Hi everyone,

Please help me get through this.

We have configured PA-450 firewall and everything is working fine as expected.
But, We have used the option URL category in the security policy without an URL filtering profile for all user group. Which is