Link and traffic priority on palo alto

Hi All,

We are using one isp link for internet browsing and 2 site to site tunnel. Now we have procure another isp link and want to configure it as a primary for internet traffic and one location (India) site to site vpn.

Below my approach to achieve

Issues with SSH and Telnet access only on the passive firewall. GUI access is working fine.

I’m having an issue accessing the passive firewall in my cluster via SSH or Telnet. I can access it normally through the GUI and authenticate using LDAP or my local admin user. The active firewall authenticates both GUI and CLI without any problems.

Abnormal display of traffic log BYTES filed

The customer found that some traffic logs have extremely large bytes, reaching 281.5T,

Looking at the log details, it was found that:

Question 1：

Details:

Type end

Bytes 281474976579754  ---- I think this is an incorrect display?

Bytes Received

validation error "poe unexpected here"

I'm trying to push policy from Panorama (11.1.6) to a PA-440 (10.2.13).  In Panorama, when looking at the config of an interface such as Ethernet1/1, it has a tick box for "PoE". However, on the same dialog on the PA-440 there is no PoE depicted. Now

Global Protect Mac-OS Received fatal alert IllegalParameter from client

Hello team,

I have an issue with the Global Protect 6.2.7 app running on an Apple Mac OS X Sequoia15.3.1 in the SSL negotiation process,

The error on the Global Protect say "The network connection is unreachable or the portal is unresponsive. Check the

Unable to patch Windows Server to utilize UIA

Hello Team,

We are currently experiencing this knowledge issue in our environment.

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u0000001Vcg

I understand that this can be resolved by applying a patch.
However, we are unable

About the output of the "show ctd-agent status security-client" command

Hi everyone,

I'm using a PA-5250.

When I ran the "show ctd-agent status security-client" command, I noticed that the output had changed:
"Security Client UrlCat(2)" had disappeared, and "Security Client WifUpload(0)" was displayed instead.

[Before]
Sec

Cortex XDR EDL

Hi,

We want to integrate Cortex XDR EDL with PANGFW EDL. We did everything with this guide -- https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Pro-Administrator-Guide/Manage-External-Dynamic-Lists

After finishing setup we initiated tes

PAN-DB cloud list loading failed (ERROR:SSL connect error)

Hi Team,

Getting this error one by one on each firewall.

How to fix this error?

PA has only one admin account with "device administrator" Role

Hi everyone,

My client deleted the default admin "superuser" account and replaced it with another admin "device administrator" account. 

Now only one admin account with only the "device administrator" privilege exists in the firewall. The problem

Anyone with exp in Firewall PAN-OS SD-WAN without panorama for VPN S2S Dual ISP ?

Anyone with exp in PAN-OS SD-WAN without panorama for VPN S2S Dual ISP ?

Hi Live PAN-community, how's it going ?

Does anyone have operational functional experience of pan-os sdwan ( firewall sdwan without panorama and without cloudgenix appliance

DNS-Proxy vs management dns queries

Hi,
We have a fw on 11.1.12 and we are seeing behaviour we don't expect.
The management is set to use an internal dns server.
We have proxy-dns objects that use EXTERNAL dns servers for our public wifi network.
We see that when a client on this network w

Not able to download PCNSe certificate and badge?

Hello Palo Alto Team,

Todays, I have successfully completed PCNSE certificate. But not able to found on palo alto portal . Are we need to integrated certificate with palo alto portal. And any benefits, when I integrate it in portal.

Thanks

Yogend

gov.in Website not accessible

Hi Guys,

I have a case in which customer not able to access Karnataka gov websites.

We have created any-any test rule as well. Despite that still website not accessible.

Also, not able to see any packets drop counter and pcaps on firewall.

In

Mist AP and user-id

Hello all,

I'm trying to get our new Juniper Mist ap's to work with user-id on a PA440, from reading around I see that only AD joined devices will work with user-id, and that's how its been for us for a while now, but we got the Juniper AP's and look