Device Certificate Issues.

Hi Friends, One of our customer is facing issues in fetching the device certificate on a PA-410 device running on PAN OS 11.0.4-h2. We are logging into the CLI of the firewall with Super User credentials and try to fetch the certificate with the below command > request certificate fetch opt < >It shows us invalid syntax error. From ...

PA-450 is not booting

Hi everyone, We are currently configuring a new Palo Alto PA-450 and the device is no longer accessible by web management and over console. At the first power on booting has been done normally and all led was blinking fine. We started access the WebUI and the device reboot automatically. Now it's not booting and the led status is amber in PWR,...

Validation Error for High availability

The error message when commiting is: Validation Error: deviceconfig -> high-availability -> group -> state-synchronization unexpected here deviceconfig -> high-availability -> group -> state-synchronization is invalid I configured high availability using yaml ansible code. After enabling high availability, and setting up a fe...

synchronize google organizational units to PAN

hello team:Is there a way to sync organizational units from google to Palo alto?or from Device > Authentication profile > advanced > allow list > all Greetings. #paloalto

Advertised static route on BGP over IPSEC.

Hi all, I have established BGP peer. I've created redistribution profile with interface that i want to advertised to BGP The subnet directly connected to interface could be reached/ appear in local RIB My next objectives : I have point-to-point from Palo interface 1/9 to Firepower ( my stagging room ) PTP 10.165.10.193 (PA) & 10.165.10.1...

Firewall CLI showing call history

Hi, We running command show user mapping on our firewall PA5410 with PANOS 10.2.9-h1. Have anyone see this error? it always show when we running show ip user mapping all / with filter tried other command like show system info and show system disk-space it not showing any error from the CLI. Thanks, Denny

Block Facebook app except Messenger or facebook chat on Mobile

When Pushing SDWAN config to fw got this error: pan_routed_cfg_altcfg_add_if(tunnel.902) failed

I am trying to do a SDWAN push for a newly imported fw. The interfaces is not existing on fw.It comes from another PN also configured with SDWAN, moved to new one and all except SDWAN config copied and working. Then added fw into SDWAN device and existing cluster (with 15'ish fws already). Commit to PN (other) is ok. when push to fw we got the e...

Upgrade path from PANOS 9.0.17-h5 to 10.1.13-h1

Hi Experts, I'm going to upgrade from PANOS 9.0.17-h5 to 10.1.13-h1. Could you please advise me the download and install path. Additionally, Tell me how many reboots. It would require reaching out to 10.1.13-h1. Moreover, can you please help in order to prepare a plan, we need to determine how much time to request for the change window a...

Amber LED on PA3220

Hi All, I am getting amber LED on the firewall PA3220. Observed alarm is active for Temperatur : Qumran Switch Core. Can anyone know what is causing this issue and how to resolve. all other alarms are False only this alarm is true. show system environmentals ---> ----Thermal---- Slot Description Alarm Degrees...

Decryption failed

Hi guys , PA820 . OS Version 10.2.9-h1 I am try using the decryption function to see more application informationI generated the CA certificate from PA and imported it locally. From the decryption log, I saw many errors with various URLs.Can anyone help explain how to eliminate this? error eq 'Received fatal alert CertificateUnknown from cl...