Hello, I have set up GlobalProtect using AZURE SSO for the sign in and for group mapping I am using LDAP. However, in the GPSVC logs, I see users being returned as domain\\username2 slashes. This is causing issues with users not being able to get a client config as I am putting users in specific subnets according to their AD membership.The usern...
Hi I am trying to use the PAN-OS-PHP to bulk edit some rules. My question is can I chain/combine actions together. The documentation says that I can but when I try I get a syntax error Before I send the command to the Firewall I just want to check the rules that will be updated I don't think I am to far away but its just the sytax. If a...
Hi, With PAN-OS 12.1, IPv6 addresses are now also showing what Region they belong to. However, this seems to be limited to logs. Security policies, using specific regions/countries, will still not match the IPv6 addresses, even though the same IPv6 addresses shows the appropriate country code in the logs. Is this a known issue (internally perh...
File hash:946489974ee15fc44d6257edc16ba101ea5b167a2001e7d94ec0594d7fc518f5 Link to VirusTotal report:https://www.virustotal.com/gui/file/946489974ee15fc44d6257edc16ba101ea5b167a2001e7d94ec0594d7fc518f5/detection Current VirustTotal Verdict: Generic.ml Description: This 32 bit file is a component file of the text-to-speech software Panopreter at ...
Hi All, just aware of this new threat. Apparently there are some IPs we can scan on PAN to see if we are affected? Any suggestions are greatly appreciated. Thanks. Ql
Hi, Does anyone experience receiving alerts from photos.exe due to "Suspicious File Modification" and the Module is "Anti-Ransomware Protection" even the program is legitimate?Other factors I'm seeing is due to possibly outdated version of the said program. *See attached reference photo*I'm hoping from anyone's advice from other members with the...
Hi All, We enabled device configurations to block external devices connecting to endpoints in the organization and its work fine. In the Cortex XDR console, I can see the device control violations. We want to create alerts to detect the Device Control Violation based on a BIOC rule, as this is the only available option. I tried several...
Hi, I am following the instructions to apply the device certificate, but I am blocked by the following error:“Unable to execute OTP install operations command to some firewalls. Please identify the firewalls that failed the process from Panorama and retry OTP.” I followed the instructions provided in this link:https://live.paloaltonetworks.com/t...
Hi Everyone, I am following the instructions to apply the device certificate, but I am blocked by the following error:“Unable to execute OTP install operations command to some firewalls. Please identify the firewalls that failed the process from Panorama and retry OTP.” I followed the instructions provided in this link:https://live.paloaltonetwo...
Hello, we received an alert regarding the expiration of CDSS licenses on February 11, 2026, following a change in operation on the Palo Alto side. All our equipment is running at least version 10.2.13-h5. The partner portal does not show any affected devices. We would still like to know if this will have any impact on certificate management, act...
Hi,is there a way on Palo Alto firewalls to allow Windows Update traffic without manually defining a list of addresses?For example, is it possible to create a policy that automatically determines or updates the list of these addresses, without requiring manual administrator intervention?I would appreciate any information on whether such solution...
Hi All, Kindly help me troubleshoot the issue related to a Management IP address is getting changed automatically in Firewall. We have 2 devices are in active-passive mode and managed by Panorama. But somehow passive device Management IP is getting changed to active device IP automatically.
Hello, In viewing this report I've noticed its still flagging servers that have been patched already and wondering how often that checks against all endpoints? I can go on a server and its not showing any updates needed and then look in the report and its in there showing it needs 68 updates which all come from a cumulative update (windows) but ...
Hi, Currently we are running on GlobalProtect Agent 6.1.0 what is latest and recommended version to upgrade for any bug ?
Guys, Does anyone know if it is possible to block the hashes associated with older versions of Notepad++? My goal is to allow only Notepad++ version 8.9.1 to be executed, and to block the installation and execution of all other versions.
