Palo Alto and Microsoft NLB multicast

Hi

I have an issue to contact the VIP of our Microsoft NLB.

We have a cluster of 2 PA-1410 (active/passive). On this cluster, I configured interface aggregate with sub-interfaces with ID vlan (ex :vlan10, vlan 50, vlan193..). Each IP of the interfa

Checkpoint Firewall migration to Palo Alto firewall using Expedition Tool

Hi Team,

We want to migrate the Checkpoint firewall with Palo Alto NextGen Firewall using Expedition Tool. I've gone through couple of forums also few of them listed on this community as well but I don't get more appropriate way to do this migratio

Global Counters if packet is dropped by QOS

Hi,

Is there any global counter that might indicate if my session is beeing dropped by QOS?

I have an issue where my BGP connection to prisma access drops but the tunnel to prisma access is always up.

The issue is intermittent.  

If i would setup a

PAN-OS 10.2.9-h9 release notes and CVE-2024-3400

The addresses issues listed in the release notes ( 1/8/24) for PAN-OS 10.2.9-h9 state: 

PAN-252214 A fix was made to address CVE-2024-3400.

However this was previously stated as fixed in 10.2.9-h1.

Is this 'duplicate reporting' or does this address

Does column "PA-7000-100G-NPC-A" mean that it also performs "DPC" firewalling tasks or does it only perform network tasks such as routing and...?

In the picture that I have put of the 7000 firewall
Does column "PA-7000-100G-NPC-A" mean that it also performs "DPC" firewalling tasks or does it only perform network tasks such as routing and...?

-----------------------------------------------------

Force URL-Filter if GlobalProtect is disconnected

Hi together!

Is there a possibility to force a client to use a (local/cloud) URL-Filter if the Global Protect Client is NOT connected to the gateway?

Enforce Global Protect connection / define 40 FQDN exceptions is not really a solution.

Maybe th

BGP Route Advertisement /Export Rule

Need some help with advertising specific routes over BGP and hoping someone can help.

I have a site-to-site tunnel setup between AWS and my on-premise PA Firewall. I am receiving routes from AWS over BGP as expected. No issue there and I am able to

QOS issue error

any idea on below error.

Enviorment:-
OS - 10 2 8 h2
Model - 5220

2024-07-29 19:25:19.349 +0800 Error: gryphon_qos_perform_set(5200/gryphon_sysd.c:389): Set shaper on port 42 index 0 failed with ret -4

Load Balancing in NGFW

Hello All, I am writing to request if there is a way to perform load balancing in a firewall. Case in point an organization has two traffic links for internet lets call them link A and link B. So i need social media traffic to be rerouted to link A a

11.1.3-h2 - Post Install question

Hello,

After installing 11.1.3-h2 the Device -> Software view is different. Now I don't see the currently installed version or any more recent versions like 11.1.4. 

Is this a known issue?

Thanks,

Jon

spyware alerts for <something>.fmb.la

this just started popping up for DNS queries inside going outbound, my PA440 is dropping the packets as a spyware threat. This is quite a new development, probably last 24 hours.

Example action below:

name-of-threatid eq 'generic:com.fresh.fmb.la