Issues with Captive Portal / Continue URL Filtering Response page on 10.1.12

Upgraded 30 days ago to 10.1.12.
~14 days ago started getting complains from users that sites are broken - getting "site cannot be reached".
Sites that cannot be reached are site we specifically have "continue" action in our URL Filtering profile for

Rule UUID mismatch in Policies and Traffic Logs/Discrepancy in Rule UUIDs within Traffic Logs and Policy

Dear Team,

We have 2 * PA-5250 Firewall Appliances configured in Active-Passive and managed by Panorama. PANOS version on both the firewalls and Panorama is PANOS: 10.1.12.

Issue:

I've noticed an inconsistency where the Rule UUID displayed in the

NAT configuration

Hello

I would like to have your support to help me for NAT configuration for both scenario

Scenario1

Our customer request to create an IPsec tunnel between us (mycompany) and Customer. Our users need to reach Web server hosted on Customer site vi

Failed to handle CONFIG_UPDATE_START

Hi All,

I am getting this error while committing (Failed to handle Config_update_start)

I have also gone through kb's articles where i found this is due to high dataplane utilisation.

this error occurs due to High dataplane which increases from  ED

PA-5450 MGT-A and MGT-B Management Ports configuration

Based on the PA-5400 MPC Component Descriptions, the MGT-A and MGT-B management ports are bundled by default as a LAG:

"Two SFP/SFP+ management ports providing 1/10GE connectivity that are used to access the management interface. MGT-A and MGT-B ar

Help me to fix this issues /possible solution

 I am going to configure  Palo alto 5250 firewall to   branch   Huawei router  

The device is not physically connected ,  i try to  do static route from Palo alto to  Huawei router router but the network is not reachable.

kindly support me how to f

Release Date Information

Does anyone have a list of release dates for all software update versions of PAN-OS for 11.1 , 11.0 and 10.2? Thank you.

Should we block HTTP range requests?

I have found a few short discussions about how to block range requests, and an article: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClJsCAK.

My question is whether we should be blocking them because they present a thre

PANOS 10.2.8 NOT recommended: S2S VPN IKEv1, IKEv2 Prefered does not work anymore

Hi Everybody,

We updated from 10.2.7 to 10.2.8 and had a lot of troubles with our Site-2-Site IKEv1, IKEv2 Prefered gateway connections. I'm not sure if the IKE Version is the root problem, but that was the pattern that was visible in the short tim

Failsafe bootloader

Hi Team,

Please assist with the following error I am receiving after firmware upgrade on my pa-850 firewall,

No-LMC0 configuration, and the device keeps rebooting.

Thanks in advance.

why drop rst packet

The customer is capturing packets on the firewall.

Check the files in the receive stage and find that the firewall has dropped the rst message sent by the client in the session.

Please refer to the screenshot for the file reference. Can someone tell