SSL policy rule and needed match application values

Hello,

I have a quick question in regards to SSL decryption and policy match values.

If I have SSL decryption, and I want to allow 'facebook-chat' for example, I know a policy rule with the app facebook-chat and it's dependencies 'facebook-base,mqtt-

Observing Internal error logs on Global Protect SAML Auth

Recently observing below logs very frequently 

"Reason: Internal error, e.g. network connection, DNS failure or remote server down. auth profile 'Azure', vsys 'vsys1', From: x.x.x.x"

Any idea

GlobalProtect

Please check the Max Decrypt session value of PA-3410.

Hello

I'm curious about the number of SSL Decrypt sessions for PA-3410.

I could see this on the product comparison site before, but I can't see it now.

A customer using Decrypt wants that information.

It's not even in the spec sheet or data sheet, where

Rule UUIDs Always Change

Greetings Community! 

Apologies if this has been answered in a previous thread- I couldn't find anything... 

When exporting configuration files from PA-3220 I have noticed that sometimes the rule UUIDs are different than the previous config dump

Global Protect Custom Setup

Hi Guys 

I have 5 separate GP Captive Portals and I want to make a custom setup for all of them separately. I will deploy them separately from the network.

Can we change the global protect msi package?

I heard it can be done from Expedition, is it

PA-7000 global routing resources

Hi,

We have a PA-7000 which is approaching a global routing resource usage of 32000 IPv4 routes. We do not use IPv6 at all so is it possible to re-allocate the 32000 routes set aside for IPv6 to the IPv4 table?

Thanks.

Paul.

TS-agent integration with User-id agent

Hello Community,

Can we integrate Palo Alto Terminal server agent with Palo alto User-id Agent without the terminal server agent (TS-agent) being integrated with the firewall directly?

Thanks in advance for your help

PANXAPI automated adding and removing of users and their records such as ip-address and so on

Hi everyone,

Is automated adding and removing users and users information in PA is possible uisng panxapi.py

UserID certificat expiration 18 November

For these devices in version 11.03h2 and using the users-id functionality
Panorama VM
PA 400
PA 1450
VM series 

Regarding the expiration of the user-id certificate on November 18, 2024
Is the PAN-OS version impacted?

Thank you

test

This is a test mail message

Flood protection (SYN) blocking/failing file downloads

Hopefully someone can make some sense as I can't find it. Still a little new to PA, though, but this is something I really don't get it.

If I enable Zone Protection - Flood Protection (SYN) and choose "Syn Cookies" or "Random Early Drop" on internal a

HA pair not syncing after SSL cert change

Hi there folks,

I'm trying to troubleshoot an issue with 2 firewalls where we uploaded the same SSL cert in both FWs and now they are not syncing.

Our troubleshooting efforts have come to the following:
- Reboot management server on both firewalls

Alert for appid queue overflows

We've been facing an issue with discards due to the app-id queue overflowing - counter "appid_exceed_pkt_limit_post".

I've been trying to either have the firewall send an SNMP trap when the counter increments OR have the alert "bubble-up" to the sy