https://live.paloaltonetworks.com/t5/general-topics/blocking-unknown-devices-that-are-not-within-the-domain/m-p/996587#M122391 <P>Hello everyone,</P> <P>I am a Palo Alto PA-450 user. In our organization, we removed around 20 computers from the domain due to their outdated versions. However, these computers continue to log in using the credentials of the last user who logged in while they were still in the domain. This is not a major issue for us. The problem is that these computers are still accessing the internet. When we investigate using Putty, these devices appear as 'unknown' and are obtaining IP addresses. Is it possible to create a rule in our firewall's policies section to allow only computers within the domain to access the internet?</P> <P>&nbsp;</P> <P>"I used ChatGPT for translations as English is not my native language. I apologize if my sentences are unclear."</P> <P>&nbsp;</P> <P>&nbsp;</P> <P>&nbsp;</P> Wed, 04 Dec 2024 21:01:36 GMT hasanuzun27 2024-12-04T21:01:36Z https://live.paloaltonetworks.com/t5/general-topics/blocking-unknown-devices-that-are-not-within-the-domain/m-p/996587#M122391 <P>Hello everyone,</P> <P>I am a Palo Alto PA-450 user. In our organization, we removed around 20 computers from the domain due to their outdated versions. However, these computers continue to log in using the credentials of the last user who logged in while they were still in the domain. This is not a major issue for us. The problem is that these computers are still accessing the internet. When we investigate using Putty, these devices appear as 'unknown' and are obtaining IP addresses. Is it possible to create a rule in our firewall's policies section to allow only computers within the domain to access the internet?</P> <P>&nbsp;</P> <P>"I used ChatGPT for translations as English is not my native language. I apologize if my sentences are unclear."</P> <P>&nbsp;</P> <P>&nbsp;</P> <P>&nbsp;</P> Wed, 04 Dec 2024 21:01:36 GMT https://live.paloaltonetworks.com/t5/general-topics/blocking-unknown-devices-that-are-not-within-the-domain/m-p/996587#M122391 hasanuzun27 2024-12-04T21:01:36Z https://live.paloaltonetworks.com/t5/general-topics/blocking-unknown-devices-that-are-not-within-the-domain/m-p/997459#M122479 <P>the IoT addon license allows you to fetch all your device serials from (among others) Entra ID and apply security based on the device serial</P> <P>you can also make DHCP exceptions for the mac addresses of the allowed/decommissioned devices and prevent the outdated devices from joining the network</P> Tue, 10 Dec 2024 11:44:18 GMT https://live.paloaltonetworks.com/t5/general-topics/blocking-unknown-devices-that-are-not-within-the-domain/m-p/997459#M122479 reaper 2024-12-10T11:44:18Z https://live.paloaltonetworks.com/t5/general-topics/blocking-unknown-devices-that-are-not-within-the-domain/m-p/997559#M122488 <P>Hello,</P> <P>If you have user-id setup, you can create security policies that allow internet access only if the user-id is of a matching domain user. Also set the user-id to a lifetime of like 45 minutes.</P> <P><A href="https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000Cm5bCAC" target="_blank">https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000Cm5bCAC</A></P> <P>&nbsp;</P> <P>Regards,</P> Tue, 10 Dec 2024 21:49:54 GMT https://live.paloaltonetworks.com/t5/general-topics/blocking-unknown-devices-that-are-not-within-the-domain/m-p/997559#M122488 OtakarKlier 2024-12-10T21:49:54Z