About TomYoung

Hello @vdemo-user22 ,   You will have to open a case by phone.  https://www.paloaltonetworks.com/company/contact-support  Sometimes the wait is long, and sometimes it is not.   Thanks,   Tom ... View more

Hi @Sanjay_Ramaiah ,   Absolutely! There are many, many ways.  Look at the details in the pics to see how.   You can create a widget under ACC.       You can create a custom report.   Click Run Now and you will see the results.   If you want a more granular custom report, you can change the day to hour.  You would need to change the Sort By to Top250 for hours in a week.  That view is not as nice as the ACC.   If you want a more detailed graph with smaller intervals, you may need to use an NMS and collect the data via SNMP.    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClaSCAS   You could also use automation and collect the allocated sessions via XML API, "show session info".   I didn't see it under Monitor > App Scope.   Thanks,   Tom ... View more

Hi @NickoKristian ,   Here are your answers:   Yes.  https://docs.paloaltonetworks.com/compatibility-matrix/supported-os-releases-by-model/palo-alto-networks-next-gen-firewalls#id9680433e-055f-4f38-a7d0-6d31e7d557bc Follow the upgrade path from 9.1 to 10.2 here -> https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-upgrade/upgrade-pan-os/upgrade-the-firewall-pan-os/determine-the-upgrade-path. No.  Each NGFW must be upgraded to the next version one after the other -> https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-upgrade/upgrade-pan-os/upgrade-the-firewall-pan-os/upgrade-an-ha-firewall-pair.  The NGFWs will remain an HA pair with one PAN-OS major release difference.  Two major releases different will cause the older NGFW to enter a suspended state. Yes.  Also, do not worry about any mismatches or config not synced errors when the PAN-OS is different.  Upgrading the other NGFW to the same PAN-OS usually fixes those errors.  Obviously, make sure the config is synced before you begin. Thanks,   Tom ... View more

Hi @AhmedAlRashed ,   It works for me.  This URL has instructions for ISE guest, but it works for all authentications -> https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000Cm5sCAC.  There is another URL in @raji_toor 's response as well.  @jsalmans told you what filters he used to get it working.   I use these filters:   Event Regex: ([A-Za-z0-9].*CISE_Passed_Authentications.*Framed-IP-Address=.*)|([A-Za-z0-9].*CISE_RADIUS_Accounting.*Framed-IP-Address=.*) Username Regex: User-Name=([a-zA-Z0-9\@\-\\/\\\._]+)|UserName=([a-zA-Z0-9\@\-\\/\\\._]+) Address Regex: Framed-IP-Address=([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})   It works great.  It gets wired and wireless.  It gets the domain/ma-c0-0a-dd-re-ss of MAB devices.  MAB (MAC authentication bypass) will not give you a username because EAP is bypassed.  If someone wants something more descriptive for devices, they may look into Device-ID.   Thanks,   Tom  ... View more

Hi @OersPrintMedia ,   This table -> https://docs.paloaltonetworks.com/compatibility-matrix/globalprotect/where-can-i-install-the-globalprotect-app shows which versions will work on MacOS 14 (Sonoma).  I am pretty sure PANW would not add those unless they were tested.   You are right to check before upgrading!  I always wait a while before upgrading my Mac because I use a lot of applications, and I want to make sure they all will work.   Thanks,   Tom   PS If you click on the drop down in the upper right, you can edit your post. ... View more