Path error issue when performing SCP from CLI of Paloalto NGFW.

Hello, I'm currently trying to transfer Stat-dump to NAS using scp by specifying a desired period.

I think the connection has been made since the NAS user authentication step has been completed through the CLI command.

However, an error occurs saying t

DAG object matching app-id as a destination address

Hello there,

I'm reviewing some security policies and came across something peculiar. I'm curious why a DAG would be used as a destination address that matches on app-id and the same app-id in the application field.

Is there any technical behaviour

Why restarting management server helps to solve Panorama GUI access problem

How does restarting management server solves the GUI access problem. Besides that, why does the websrvr gets stopped by itself.

"Use Default Browser" option not showing in Strata cloud manager

Hello Team,

We have client firewall managed with strata cloud manager. We were trying to use the default browser for SAML authentication. When we checked that option on firewall under GlobalProtect Portal > Authentication >"Use Default Browser" it wo

Frequent flaps with DPD timeout between a Palo Alto device and AWS VPN.

I have been experiencing frequent flaps with DPD timeout between a Palo Alto device and AWS VPN.

Do not Palo Alto devices go well with AWS VPN ?

Are any specific settings needed to be taken care of for stable connection to AWS VPN ?

Issue with Intermittent Blocking of ChatGPT URL-Not-resolve

Hi Team,

I’ve noticed that in my environment, the chatgpt.com URL is intermittently categorized as unresolved and is being blocked.

For your reference, I am attaching a snapshot highlighting this behavior.

Please let me know if additional informa

Device transfer query

Hi All,

Facing below error while registrating the device.

" Device and support code do not match support account. Please contact super user to send you a registration link for approraite support account."

Also what could be the steps to device transf

Firewall sizing tool

Hello, is there any firewall sizing tools which i can download where i can measure which firewall fits best to my request, by traffic pattern feature use

FQDN resolution mismatch

I have a connection to a destination FQDN allowed via Palo Alto firewall PA 440.

Palo alto shows a different IP to the FQDN than one on the host machine when I do a nslookup. 

Connection to the destination is getting reset Please advise on the steps an

PA-1410 - secondary IP unreachable

I have an issue where the secondary IP-address is unreachable on PA-1410.
The deployment looks like.
2 PA-1410 HA (active/passive)

Aggregated layer 3 interface with sub-interface (vlan tagged)

Management profile allow ping only

Firewall policy is allow

Factory 5220

There are two drives on the 5220. The factory reset for version 10 says to select maintsys-root1 and reset. Why not root0 as well. The device has two drives so wouldn't maint-syroot0 need to be ran as well? It looks like the drives are setup in a r

License and dynamic update query

Hi All,

I have panorama integrated Palo Alto devices and need help on below query

1) Can we perform dynamic update of Palo alto from devices itself instead of panorama. Does this practice unsync the Palo Alto from panorama ?

2) panorama having only ma

User ID version compatiblity with PAN OS 11.1

Hello,

Anyone know if the the user ID Agent 11.0.1 is compatible with PANOS 11.1.x ?

Thanks

NTP Not synced but got time-learn in Logs

Hi Team,

Ntp not synched but got initiate time-learn in logs.

>show ntp

ntp not synched, using local clock

status : rejected

reachable: yes

authentication-type: none

Have tried to set it to public server still the same. And also when try to set ma