URL filtering database updates problem

I have a feeling that the URL filtering database updating doesn't work correctly. After a reboot of the firewall it update a few days and then stops. In the URL filtering logs I also see a lot of "not-resolved" even for url's like play.google.com. I'

Wildcard certificate-GPVPN certificates

Just imported new wildcard cert for firewall management GUI as the existing one is expiring soon. Certificate first imported to Panorama then pushed to Primary & Secondary firewalls (Active-Standby). Certificate is showing valid for Panorama but not

High Disk Space Usage on /opt/pancfg partition

Hi Mates,

I am getting alerts on /opt/pancfg utilizing 90%. 

How ever I deleted the old, downloaded software and dynamic updates (around 1.5Gb file) but still space utilization is same as 90% using below KB.

https://knowledgebase.paloaltonetworks.com

License expired within 1 year, need to activate with recent date

Hello,

We have a firewall whose license has expired for a year. we need to reactivate it but with a recent date (for this year), and not counting from the expiration date . how to proceed in this situation?

Regards,

GP-Agent, Allow with Ticket to disconnect the GP-Agent

Hi everyone,

I have a use case to disconnect the GP agent through the ticket. By following up on the admin guide I configured it. But it's not working. I have attached screenshots of the error message.

Configuration part:

In Portal, Agent >App sett

Palo Alto - Security rules best practice for web filtering delegation

Hi,

We deploy multiple PA-220 and configure them through a unified Panorama. 

The need is to provide local administrators with the ability to manage a part of the web filtering to do things like add/remove a website from the allow/blocklist URL c

How to determine the cause of a slow network

Hello,
I notice that my network is slow but I don't know how to determine the cause of this slowness. Could someone tell me how to find out please?

What is the Certificate Chain of Trust?

The Chain of Trust refers to your SSL certificate and how it is linked back to a trusted Certificate Authority. In order for an SSL certificate to be trusted it has to be traceable back to the trust root it was signed off of, meaning all certificates

Aggregate interace behaviour

Hi All,

Facing an issue where doing an failover with aggregate interface not working.

Example if I unshut any one link from aggregation link of passive firewall and shut both interfaces of aggregation link of primary firewall, still firewall don'

Inline Cloud Analyze Event Threat missing XFF_IP

Hi, is there a reason why specific events (e.g. Inline Cloud Analyzed SQL Injection Traffic Detection) do not contain an XFF_IP entry?

Host

abc

Service

Events Threat

Event

OK -> CRIT

IP

10.y.z.w

Date/Time

2023-12-13 19:50:48

Summary

CRI

Migration from PA-3060 to PA-3260

I'm seeking advice regarding a migration from a PA-3060 HA pair with PAN-OS v9.1.X to PA-3260 HA pair v10.2.X. 

I understand that to have minimal issues for the migration, it is recommended to have the same OS version. From the Compatibility Matrix

Packets retransmission captured in packet capture on firewall but still seems dropping

Recently trying to debug a possible packet dropping issue at firewall (screenshot attached for reference). The issue is appearing when I try to make request to my server from my iOS device, some API calls works Ok but often few of those fails with 50

Checking admin users password expiration date

The customer wants to check the password expiration date of admin users. Is there a way to check this?