Global Protect 3.0.0 Gateway Certificate Error "Server Certificate verification failed" *FIX*

Hi All,

Recently had a client upgrade their Global Protect Agent to 3.0.0 from 2.2.2. 

When connecting to the Gateway they would encounter the following message - "Server Certificate verification failed".

From 2.1.0 you had to ensure the External

Span or port mirror?

Is it possible to use interfaces on PA-5020 as span or mirrored ports of other active interfaces on the same device?

Blocking brute force SSH to firewall

For various business reasons I need to allow SSH directly to a PA-3020 to manage the unit.  Is there a way to apply a vulenerability policy to this traffic so that I can block bruteforce attacks?

Thanks

Dustin

Can I Obtain the CVE in the PA event Log

We have numerous PA firewalls that alert for vulnerabilities. I also have a product that scans for vulnerabilities in my network. The scanning device has CVE numbers in its events. The PA has PA's unique identifier in its event. Is there a way for me

Minemeld - ESXi6 Problems

Hi, i have a problem with minemeld.

Hi is there any good user guide to get this ting working? It seams that nothing i do is allowed or saved. The only thing i have done on the box is changing the ubuntu password and the root password, converte

Error after Upgrading to 6.1.10

I upgraded our Panorama and two PA3020's in a HA setup this morning. Afterwords I am getting the following errors committing from Panorama to our PA3020's.

• Details:
• . Configuration committed successfully
• Warnings:
• . vsys1 (vsys1)
• . Warning: NAT DIP

Syslog parser

Hi all, do you know if it is possible to use the syslog parser to obtain device information (for instance Operating system) and use this info in security rules?. I am using the syslog parser to obtain the IP-User mapping and it works perfectly, now I

How to reimport a Chained Certificate signed by a Public CA

I purchased a certificate from a public CA to be used for a Global Protect deployment. When I originally imported the certificate, I failed to import the chained certificate per the instructions at https://live.paloaltonetworks.com/t5/Management-Arti

continuously more than 50% cpu by genindex.sh for longer periods of time

Hello,

does anyone know, what genindex.sh is exactly for any how often or by what it is triggered ?

It consumes more than 50% CPU for longer periods ( >10min ) of time watching with "show system resources follow"

User-ID Agentless question

Is there a reason why with Agentless User-ID I still never see any logs in Monitor? As shown below it definitaely is working but traffice logs do not sohw user-ids. I have a any any policy and user-id  box is checked on  the zones. ANy ideas? I ahve