Palo Alto T-Q28-100G-S4 and PA-5450 with PAN-PA-5400-NC-A

Hey everyone,

I am working on a project to integrate Cisco Catalyst 9500/Nexus 9300 switches with Palo Alto PA-5450 with PA-5400-NC-A cards using 100G QSFP transceivers. Specifically, I was testing with below transceivers.

• Cisco QSFP-100G-SR4-S

High Data Plane Utilization During Business Hours

Hello,

We are experiencing an issue that is becoming hard to isolate, our end users noticed network slowness about a few days ago.

During Isolation and investigation it led us to our NGFW PA-3260's.

This causing extremely High latency when reac

PAN OS integrated Use ID agent Server monitoring Status Showing "Access Denied"

Hi Team

Pan OS Integrated User ID is connected with one of our DC server with out having any issues while configuring in the other DC servers we are getting the "ACCESS Denied" in the server monitoring.

While seeing in the 

>less mp-log useridd.l

Cannot Access Primary in HA Pair – Need Failover & Recovery Advice"

**Subject: Unable to Access Primary Firewall in HA Setup — Need Guidance on Failover and Recovery**

Hello Palo Alto Community,

We are currently facing an urgent issue with our Active/Passive Palo Alto firewall setup:

Palo Alto Model:PA-3220
VERSION:10.2.

Palo Alto Firmware Downgrade

I want to downgrade the firmware of PA-410R from 11.1.4-h7 to 10.1.10-h1. I am trying to access the support portal, but it's not accessible, and I cannot even reach the help line numbers. I want to integrate the firewall with the existing Panorama wi

Request Advice – BGP Failover Route-Based IPsec VPN With WatchGuard (WG)

Hi Everyone,

I’m looking for guidance on the best-practice way to set up redundant route-based VPN tunnels using BGP between a Palo Alto firewall (PA-VM) and a WatchGuard firewall. The goal is to implement primary/secondary failover with dynamic rout

Issue with IOS 26 and SMTP

Hi everyone,

We are experiencing a persistent issue with SMTP sending from iOS devices (specifically 26.1) when SSL Forward Proxy / Decryption is enabled on the firewall(10.2.16-h4).

Is there any bug or limitation published related to this?

Thanks

Clarification Needed: PAN-OS 11.2.x Vulnerability Status and Mitigation

1) Version Clarification 
Is PAN-OS 11.2.x (specifically 11.2.4-h1) affected by CVE-2023-48795 (Terrapin SSH Attack)? The advisory lists up to 11.1.x but does not mention 11.2.x. 
2) Mitigation Confirmation 
If 11.2.x is affected, does disabling chach

Error log ": MLAV Server certificate validation failed. " received

Hello Team,

   Just few hours ago we have upgraded our pa 1410 panos from ver 11.1.10-h1 to 11.1.12 recommended by tac to solve error log "devsrsr: virtual memory limit exceeded, restarting ".

Now through these few hours after apparently a successful

Issue with call recording (flow_predict_convert_rtp_drop)

Hi Team,

We’ve been experiencing issues with the communication between a Cisco softphone and the call recorder. Below is the scenario and a description of the problem:

1. When users place calls from a Cisco softphone, the call is established successfully,

SNMP BULK REQUEST

Hi,

Is there any way to disable SNMP Bulk request on 1410 with PANOS 11.1.4-h1. I am unable to see any option in Device --> Setup --> Operation --> SNMP

Bonjour mDNS Reflector Layer 3 Vlan Interface

Just curious if anyone out there knows why Palo Alto has never implemented the Bonjour Reflector feature in Layer 3 Vlan interfaces.

PAN implemented this a long time ago but it is only available on physical Layer 3 interfaces (or subinterfaces) or