Can Palo notice and react to a flapping Internet link?

Hi All,

We have simple setup, when firewall is connected over physical interface to a L2 switch, while L2 switch is connected to 2 CPEs of different ISPs. Obviously, next hop for our firewall going out is an interface of the CPE. We are tracking de

installing minemeld Ubuntu 20.4

Cant seem to get this to work using these links:

https://github.com/PaloAltoNetworks/minemeld-ansible

https://github.com/PaloAltoNetworks/minemeld?tab=readme-ov-file

Anyone been successful getting this installed on Ubuntu 20.4?

File Blocking block/continue issue

Hi everyone, I'm trying to setup fileblocking on PanOS 11.0.2-h1 and I'm facing strange behaviors. With some sites I get block or continue page, and DataFiltering logs. With others, I get an empty file download for both continue or block actions and

Known issue (Issue ID: PAN-227368) with version 11.0.2. Will it be solved by 11.1.0-h2 to upgrade?

Change    : We have upgrade to  11.0.2 post upgrade facing below issue. 
Issue ID: PAN-227368

Issue Statement :     The GlobalProtect app cannot connect to a portal or gateway and GlobalProtect Clientless VPN users cannot access applications if authen

Policy commit failures due to profiles exceeding platform capacity using version 10.1.8-h2

We have not updated the number of profiles and have been successfully committing policy for probably a year with this same number of policies, but all of a sudden we are not able to commit policy pushes either from gui or cli.

We have gone through

Interface migration to fiber over SFP 10G

Hello team,

I have a Palo Alto 3220 cluster that is connected to a CORE switch over ethernet and I need to migrate that connection to fiber over SFP 10G converter.

I am trying to define a procedure to migrate with no downtime and I had thought to s

Packets dropped: forwarded to different zone

We have a PaloAlto firewall that we have configured differrent zones, everything is working fine, except for a specific traffic between IP 10.40.129.49 and 172.26.2.58.  The 10.40.129.49 is located on a subnet directly in a zone defined on the firewa

Malicious IP address log sudden increasein traffic

Our Malicious IP Traffic Alert typically registers a few dozen hits a day. However over the last weekend this has suddenly increased to a couple of thousand a day. I cannot see anything different apart from the quantity. The IP addresses are the same

Question about setting memory oid value when setting paloalto snmp

Hello. There is something I need to check about SNMP settings.

1. I see the memory value I use with packet buffer protection, is there a way to remove it?

2. If not, can I know how much memory PBP uses?

This is required for threshold setting in t

IP blocked then allowed

Hi, 
I'm reviewing a logs regarding a low reputation IP which in the first log it's action is dropped, and 5 minutes later 3 logs with action allowed. Why does it dropped then allowed it?

Logs

category: spyware

action: dropped

Threat Name: CobaltStrike

XFF

hi.

It's not really a big deal, but when using URL-Filter Logging, would it be possible to log  X-Forwarded-for X-Forwarded-for if the HTTP Request Method is CONNECT?

Is there any documentation or support for this?

Thank you.

Please kindly repl

PA-410 bug - disable-predefined-reports

PA-410 running PAN-OS 11.1.0. This firewall had been upgrade from 10.2.latest to 11.1.0.

After making an unrelated change to mitigate CVE-2023-48795, validate fails with:

Could not get schema node for xpath /config/devices/entry[@name='localhost.lo

Strata Sales training guide

Hi team,

I m new in the system as a sales solution specialist i see the Prisma SASE and Prisma cloud having the proper sales pre sales post sales guide to understand the in depth product where i came to strata there is no Sales guide i found can an

Cannot change action for special Threat ID

On our 5410 with PANOS 10.2.7-h3 installed I can see a lot of threats with ID 89953 (Inline Cloud Analyzed Unknown-TCP Command and Control Traffic Detection), severity = high, default action = alert.

I want to change the default action via Anti-Spywa