PA-450 is not booting

Hi everyone, We are currently configuring a new Palo Alto PA-450 and the device is no longer accessible by web management and over console. At the first power on booting has been done normally and all led was blinking fine. We started access the WebUI and the device reboot automatically. Now it's not booting and the led status is amber in PWR,...

Validation Error for High availability

The error message when commiting is: Validation Error: deviceconfig -> high-availability -> group -> state-synchronization unexpected here deviceconfig -> high-availability -> group -> state-synchronization is invalid I configured high availability using yaml ansible code. After enabling high availability, and setting up a fe...

synchronize google organizational units to PAN

hello team:Is there a way to sync organizational units from google to Palo alto?or from Device > Authentication profile > advanced > allow list > all Greetings. #paloalto

Advertised static route on BGP over IPSEC.

Hi all, I have established BGP peer. I've created redistribution profile with interface that i want to advertised to BGP The subnet directly connected to interface could be reached/ appear in local RIB My next objectives : I have point-to-point from Palo interface 1/9 to Firepower ( my stagging room ) PTP 10.165.10.193 (PA) & 10.165.10.1...

Firewall CLI showing call history

Hi, We running command show user mapping on our firewall PA5410 with PANOS 10.2.9-h1. Have anyone see this error? it always show when we running show ip user mapping all / with filter tried other command like show system info and show system disk-space it not showing any error from the CLI. Thanks, Denny

Block Facebook app except Messenger or facebook chat on Mobile

When Pushing SDWAN config to fw got this error: pan_routed_cfg_altcfg_add_if(tunnel.902) failed

I am trying to do a SDWAN push for a newly imported fw. The interfaces is not existing on fw.It comes from another PN also configured with SDWAN, moved to new one and all except SDWAN config copied and working. Then added fw into SDWAN device and existing cluster (with 15'ish fws already). Commit to PN (other) is ok. when push to fw we got the e...

Amber LED on PA3220

Hi All, I am getting amber LED on the firewall PA3220. Observed alarm is active for Temperatur : Qumran Switch Core. Can anyone know what is causing this issue and how to resolve. all other alarms are False only this alarm is true. show system environmentals ---> ----Thermal---- Slot Description Alarm Degrees...

Decryption failed

Hi guys , PA820 . OS Version 10.2.9-h1 I am try using the decryption function to see more application informationI generated the CA certificate from PA and imported it locally. From the decryption log, I saw many errors with various URLs.Can anyone help explain how to eliminate this? error eq 'Received fatal alert CertificateUnknown from cl...

palo alto pa220 pan os 8.1.5

Hi I bought second hand a palo alto pa220, it is new, never had a license but it has a very old pan os, version 8.1.5, is it possible to upgrade it to a newer pan os? i would like it very much

Panorama DLP Log error

Hello, I am testing it internally with a DLP PoC request from a customer. It was difficult because the conditions were not good, but I was able to activate DLP and check the log in Panorama. However, when I try to check the DLP report in Data Log, the following error occurs. Why does the error log below occur? - error log : No report ID availa...

[#20240701-0110] - anti-virus and threat detection within websocket connections

Hi, I just came across an interesting question regarding websocket connections running through an NGFW. How does virus inspection and threat detection work here? From what I know websocket connections aren't compatible with normal HTTP connections (ignoring wss for the moment which might be a different problem). So is an NGFW still able to sca...

Connection drops during peak hours

Issue was ISP. They fixed it.