GP -> SAML -> EntraID Windows users vs Mac user experience issues

Got a weird one and I'm on Mac so short of pestering my colleagues reaching out to the greater community while I wait on support to attempt to triage.

GP client 6.2.3 - PAN 11.1.2

GP setup;

• using default browser to support our yubikey users
• using

Help finding partial config diff API

I'm working on an integration to segment access to the Panorama feature to review audit comment messages and partial config diffs for policies.  In Panorama, if you navigate to Policies -> <select a policy> -> Audit Comment Archive, there are three p

Add managed firewall to Panorama without import policy to Panorama

Hi all

There are pre-rules, local firewall rules, post-rules and default rules after I added a firewall to Panorama, but when we import the configuration to device group, seems import rules to pre or post rules is a must during the the import opera

No logging for URL Filtering on Panorama

Hello all,

Having some trouble getting URL filter logging to work correctly.

The PA is currently running version 10.2.6

When going to Objects > Security profiles > Url Filtering, I do see red text saying a license is needed for URL filtering. B

NGFW - Panorama registration 3978 : Traffic allowed but RST constantly.

Hi, 

I was trying to connect a new PA-440 spare device to our existing Panorama infrastructure, when i faced this weird issue as shown in the system logs. 

It's as if the TCP session starts and abruptly ends on port 3978 leading to a never ending

Panorama - Failed to update content with following message: encfilesize is 91736928

Hi Mates,

Our Panorama Pan OS is 10.0.12-h3 with older content update. While installing 10.1.12 PAN OS it is asking to update the content updates first.

While installing content update in Panorama gives below error.

• Failed to update content with foll

Cisco ACI-Plugin for Panorma: IP Subnet of BridgeDomain not being synced

Dear Guys

we have a Cisco ACI in place that polcy redirects all traffic to our Palo DC firewall.

For creating policies we rely on the Cisco ACI Plugin to sync endpoint information (IPs, Subnets, etc.) from ACI.

The issue: The "bridge domain" elemen

Errors after deploying template from Panorama

Hi all,

I am seeing the below errors after deploying templates to Palo's when attempting to commit HA configuration.

I have applied the HA IP so unsure why that is stating ip-address to be configured?

Also what is best way to resolve these dynamic

Panorama fails to upgrade itself with error: Label sysroot1 does not indicate a valid image

Hi all,

      last time I tryed to upgrade my Panorama, I had this error: "Label sysroot1 does not indicate a valid image".

The panorama is working, also I'm able to upload images and content to managed firewall, only I cant upgrade itself.

Is not re

Need help with setup of new Palo Alto device

Need Palo Alto Tech support help on the phone - how to get to them?

Problem with viewing and downloading 30-day logs on Panorama server

In this case, Panorama is not displaying the logs report correctly. So, I suggested the following :

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClK8CAK

Then, I shared my action plan:

1. you could access the Panorama

Upgrading 10.1.11-h5 to 11.1.2 directly ?

We have acquired 14XX series firewall for one of our locations, currently running Panorama version is10.1.11-h5 (VM-mode -Microsoft Azure, VM-100, system mode-panorama).
This firewall 14xx is only compatible with 11. prior adding 14xx firewall, we mus