Receive errors on all traffic interfaces

Hi guys

I am a bit lost in our own network...... We have a PA-820 Cluster in active-passive mode. It is running for maybe 7 months now. Each firewall has 2 uplinks to our 2 core switches and 1 downlink to the access switch (with subcontractor on it).

DHCP allocation showing blank

DHCP allocation is showing blank on Palo alto on version 10.1.8. please suggest

All OSPF neighbors suddenly down

Hello all,

Customer has a problem were their PaloAlto suddenly declares all neighbors adjacencies down, after that the PaloAlto will do a grateful restart and the OSPF neighbors will change to init, and then go full again, this OSPF flapping lasts

ICAP Support with PAN-OS 11.0

Hi,

I've just been reading about the new proxy capabilities with PAN-OS 11.0.

I could find any mention about ICAP support. Is ICAP supported?

Thanks,

Ben

PA 10.2.3, RADIUS Challenge caused timeout even it shows auth success on Monitor

Hello All,

I have Palo Alto 10.2.3, and also 10.0.3 as a test. I used RADIUS to authenticate to the admin UI, then the RADIUS server sends a challenge, this is being handled normally by 10.0.3 but 10.2.3 seems to timeout although on Monitor it shows

Is it possible for Dynamic group containing all DHCP issued ip's from a palo reservation scope??

Hi All,

I have a requirement.

Palo DHCP reservations direct mac to ip- say 50 (changed occasionally enough to be annoying)

I want a Dynamic group that skims the content of the reservations and permits in only those in an ACLs.  Its painful to keep do

MLAV: Authentication or Client Certificate failure.

Does anyone know about the alert. MLAV: Authentication or client certificate failure?

App-ID Override Policy Matching

Is there a way to identify what traffic is hitting a specific App-ID Override policy?

We have several poorly configured App-ID override policies I'm trying to clean up and consolidate but they override to the same custom application, and it is not

Advance URL filtering - License - error "License required for URL filtering to function"

Hello team,

I have a valid advanced URL filtering License - but when i navigate to URL filtering it says error "License required for URL filtering to function"

Do i need to get PAN-DB url filtering license too ??

or is there some setting which

Antivirus updates failing 9.1.15

Hi All.

I am having issues where the antivirus updates are not checking the servers nor downloading.

I have a valid advanced threat license and an expired threat license.

Background running: 9.1.15

Observations:

Content updates are functional a

Please Release App-IDs for IBM AS400 user traffic

Hi,

we have noticed traffic from users connecting to mainframes/midranges is showing as "unknown-tcp" and "insufficient-data" for the following ports:

TCP/449 (Server Mapper)

TCP/8470 (License Management)

TCP/8471 (Database Access)

TCP/8475 (Remo

PAN to rsyslog on Ubuntu 22 yields unusable file names

Hi.

I have a default setup w/ Ubuntu 22 as a rsyslog server. I pointed my PAN 10.2 to it, and am getting log data, but I am not getting a usable / meaningful file name. I'd like the log file name to be something like "perimfw" or some such to start.