Is there tool available to sync the config from physical Paloalto on-premise the disaster recovery site in Azure?

We have onpremise network and paloalto firewalls and zone base zero trust config and we want to have the DR in Azure on virtual firewalls and looking for the way to convert and sync the config from on-premise physical firewalls to Azure virtual firew

Facing packet dropping issue after imported configuration.

 The issue is currently planning to migrate PA220 to PA440.

We have imported the configuration file from PA220 to PA440,  The network is down and facing packet drops 

Data cap limits for users in specific network

Hi, just like the title says, I'm looking to cap data usage for users in a subnet, something like this: https://github.com/hiep4hiep/PANW-Bandwidth-quota, but without having to use scripts, is there a way to do something similar inside the PA firewal

PAN-OS NGFW - LDAP Authentication via Group Membership - Admin UI

Hello,

I'm trying to set up NGFW in a lab environment where all users have an account defined in a centralized authentication store. We're using FreeIPA, which provides authentication services via LDAP and Kerberos.

I've gotten authentication wor

PBF based on URL Filtering/Application

hi everyone,

We have a PBF Rule allow all internal users to internet via our ISP1.

And I want to create another PBF rule on top of the above PBF rule to allow Instagram application traffic towards ISP2?

I look through the below KB but it is not doa

URL Filtering: Categories for Suicide Promotion/Self-Harm Promotion

Hi!

Unless I've been dumb enough to miss them, the Palo Alto URL filtering database lacks a category for suicide/self-harm promotion sites. I've now been asked for a second time if we could block such sites. As a higher education institute, we're r

Pa 410 model pan os download issue

Able to download pan os 10.1.x software and dynamic updates, but when i try downloading 10.2 every ttime it will go till 60-70 per and then start re downloading it.

Any suggestion on this problem

URL Category behavior with rule match condition question

I came across behavior that confused and concerned me recently. I had a test rule with the following conditions set:

Source Zone (LAN)

Source user 

Destination Zone (WAN)

Application (ANY)

URL Category (not in Profile/Action section, but in Service/U

Cloud NGFW for Azure

Hi Team,

Can I check on the roadmap of this service availability in South East Asia. Thanks

No SSL Decyrption with content Inspection Enabled.

Hi All,

I have enabled the content inspection features like URL filtering\Antivirus\Wildfire analysis etc.

However SSL decryption is not enabled.

Could someone please let me know that content inspection features really worth if SSL decryption is

Traffic: Logs and Indexes and Current Retention

Found our that our FW1 only able to keep 4 days of traffic logs but took more space than FW02 which able to log up to 15 days ( previously FW2 in active for around 2 weeks+)

FW01

FW02

Disk usage:

traffic: Logs and Indexes: 34G Current Retentio

LDAPS TLS Handshake Failure

Hello,

I upgraded one of our PA devices from 10.1.9 to 10.2.4-h4. LDAPS was configured to access and gather user's info from DC. But it stoped working after upgrade. I captured traffic and saw following error - TLS Handshake Failure. I know that star

Palo Alto DNS Security - Remote Sites

Hello, 

We have a site-to-site hub and spoke vpn setup, Palo Alto being the hub and multivendor spokes.

Is it possible that our remote sites are able to utilize the DNS Security feature installed on Hub for DNS Sinkhole?

URL Filtering Category level (Streaming Media ) Blocking or Custom Blocking is not working for Youtube.

Palo Alto URL Filtering allows blocked URL categories if one keep refreshing the page. The issue is particularly seen with Youtube.com. We have blocked Streaming Media category and Custom URL to block youtube.com. However the web page is opened after

Email Scheduler

Please check the below snapshots,

we are trying so many KB articles , still it shows smtp connection failure and peer certificate issue