DNS resolution for management interface not working after upgrade to 10.2.3

Since upgrading our firewalls from 10.2.2-h2 to either 10.2.3 or 10.2.3-h2, any DNS resolution from the management interface is failing. Attempting to ping an FQDN from the CLI results in "ping: cnn.com: System error". I confirmed that the DNS server

Dokuments like Ciscos "Forensic Investigation Procedures for First Responder Guides"

Hi,

I'm updating our documentation and after switching from ASA to Palo:

Is there something comparable to the Ciscos Guides

https://blogs.cisco.com/security/new-forensic-investigation-procedures-for-first-responder-guides but for Palos? I can find on

Trying to connect two separate networks that share the same IP addresses to a third networking using virtual routers and NAT on PA-440

We have a bunch of separate video networks that are separate, but use the same IP address space for each. Each is connected to their own dedicated switches and is attached to a couple of hundred cameras and a DVR. We would like to connect these netwo

X-forwarder header does not work when vulnerability profile action changed to block ip

ISSUE REPORTED: unable to block x-forwarder ip when the action is set to block ip in the vulnerability profile
------------------------------------------------------------------------------------------------------------------------

Discussion,observati

The allow security policy configured with the app-ID "netbackup" and an "application-default" as a service doesn't work correctly.

Dear and valuable Live Community Members,

I have a problem understanding the below-described behavior in regard to the security policy used in the firewall: 

We have a firewall policy configured to allow NetBackup traffic, but if we configure it

Path Monitoring - latency

I'm not using PAN SD-WAN.

I have static route path monitoring configured for multiple ISPs.  If pings fail, the path goes down as expected.

If the pings succeed, but latency is abnormally high, the path stays up.

How can I set a latency threshold

communication of vlan interfaces not working

Hello,

I have two firewalls connected over "L2 Line" from our ISP.

We would like to use this line to route between our two sites instead of IPSec tunnel.
On this line I can use vlans from 1-100 for communication.

On both firewalls I created L2 interfa

PAN-DB URL Filter expired even if Advanced URL filtering is still valid

I purchased service bundle for my PA firewall,  PAN-PA-220-BND-LAB4-R, which includes PA-220 Lab Unit Renewal Service Bundle (Threat Prevention, DNS, PANDB URL Filtering, GlobalProtect, WildFire, SD-WAN, Standard Support) Period.

After activation,

PA 3260 Policy Rule losing DNS resolution to FQDN-defined site - 4.19.23

We have a policy rule that contains an FQDN-defined website destination (yandr.wiredrive.com). When initially configured to pass traffic to required cloud-based resources, DNS resolution to the wiredrive.com site would happen regularly, usually after

getting system alerts

Hi Team,

frequently we were getting system alerts as " PANDB: Authentication or Client Certificate failure"  after restarted the management server we didn't get error for PANDB, but now we are getting " failed to resolve host wildfire paloaltonetwo