Preempt behaviour in HA

Hi all,

As per palo alto documentation if we enable preempt in HA then primary palo alto will reclaim its active position if it comes back. Does this reclaim works on complete device failure or for any monitoring link/path failure also.

What's mean minus value and rate in global counter?

What's mean minus value and rate in global counter?
Does anyone know?

BGP route is not present on the other region

This is the representation of the connectivity of my setup.

Inside each region have Palo Alto firewall and Silverpeak appliance. 

On each region, between Palo Alto and Silverpeak there is ibgp that been configured. AS number is the same.

On the fire

Forcing/Redirecting IP addresses to use name

Hi All, happy new year.

Is there a way to block or forcing/redirect incoming traffic to an ip address. I would like to block outside attempts from trying to access the network using the ip address instead of the hostname/url.

Appreciate any suggest

DNS-Base traffic

Hello Fellow Members,

Have been going through the ACC tab and noticed some rather abnormal traffic, have traffic that well beyond 800TB, and at times goes beyond 1000TB(1PB), is this normal given that fact I am looking at internal traffic (intrazon

30 day trial license activation

Hello,

i started my trial license yesterday and wondering if i can register it? 

When i go under software update, it says "The device is not found or not registered, please try after some time".

When i try to create a support account it wants from

URL filtering database updates problem

I have a feeling that the URL filtering database updating doesn't work correctly. After a reboot of the firewall it update a few days and then stops. In the URL filtering logs I also see a lot of "not-resolved" even for url's like play.google.com. I'

Wildcard certificate-GPVPN certificates

Just imported new wildcard cert for firewall management GUI as the existing one is expiring soon. Certificate first imported to Panorama then pushed to Primary & Secondary firewalls (Active-Standby). Certificate is showing valid for Panorama but not

High Disk Space Usage on /opt/pancfg partition

Hi Mates,

I am getting alerts on /opt/pancfg utilizing 90%. 

How ever I deleted the old, downloaded software and dynamic updates (around 1.5Gb file) but still space utilization is same as 90% using below KB.

https://knowledgebase.paloaltonetworks.com

License expired within 1 year, need to activate with recent date

Hello,

We have a firewall whose license has expired for a year. we need to reactivate it but with a recent date (for this year), and not counting from the expiration date . how to proceed in this situation?

Regards,

GP-Agent, Allow with Ticket to disconnect the GP-Agent

Hi everyone,

I have a use case to disconnect the GP agent through the ticket. By following up on the admin guide I configured it. But it's not working. I have attached screenshots of the error message.

Configuration part:

In Portal, Agent >App sett

Palo Alto - Security rules best practice for web filtering delegation

Hi,

We deploy multiple PA-220 and configure them through a unified Panorama. 

The need is to provide local administrators with the ability to manage a part of the web filtering to do things like add/remove a website from the allow/blocklist URL c