LDAP

We plan to enable channel binding for LDAP on our domain controllers.  Since the firewalls use LDAP for querying AD information from the domain controllers, do we need to make any configurations to the firewalls to be compatible?

radius and PANF gui

Hello ,

I have integrated Radius with VM FW

the ssh to FW works . I have not created any local user on FW , All users are on radius server

but gui to FW does not work  with radius account ;

when i enter radius creds in gui , it accepts and co

Intrazone-default rule

Hello,

I would like some advice on Palo Alto's default intrazone-default rule.  Unless I have a drop any any above this rule I see IP's from all over the public internet hitting my Palo Alto and being accepted on the intrazone rule as the traffic is

Tests anti-malware signatures before releasing them to the public

I would imagine Palo Alto tests dynamic updates such as  Antivirus and Device-Dictonary signatures through a rigorous process before releasing them to the public.  Does anyone know where I can find that process?

List of domains to allow for in-flight WiFi

Hi all,

I've been working with a number of customers lately who have been trying to gather a list of in-flight wifi domains that they need to allow as GlobalProtect Enforcer exceptions and I thought I'd share them here. I'd also ask that you please

PA restart with Internal packet path monitoring failure

We have a pair of 3220 in a cluster. Yesterday we upgraded to 10.2.9-h11 and today we faced a restart of the Active peer twice with this error:

Internal packet path monitoring failure, restarting dataplane

I could not find any bugs related to this

PA-445 stability?

Anyone else having issues with PA-445 stability? We're doing our 2nd RMA in less than 6 months on a PA-445 that just randomly restarts. It's on dual independent electrical circuits (with UPSs). After the first RMA it did it again and support said it

Log Forwarding - Traffic Works, Others Do Not

I have to be missing something simple, for forwarding logs to a collection server. I can get the traffic logs, no issues, but all the other logs, will not send (Threat, Wildfire...). Do the other logs need some kind of special forwarding, or permissi

Max Tunnels for GlobalProtect

Can someone help me to understand the maximum number of concurrent connections possible with the GlobalProtect Clientless VPN solution? Preferably any documentation where this is specified would be great!

User's traffic not hitting correct security rule.

We're running into an issue where a rule that is meant to update anti-virus protection on port 443 is slipping through and being caught by a lower rule which denies any application and service. (Hardware: PA-5050, OS version : 8.1.6).

As far as the se

Firewall WAN Zoning configuration best pratice

Hi, If the customer environment have 3 different internet service provider. Should I got 3 different zoning or just configure 1 Zone for 3 different internet service provider.

BPA for NGFW and Panorama

Hi Team,

Without Strata Cloud Manager access cant we do BPA?

Here in the below link we can do it for free is what it says.

https://docs.paloaltonetworks.com/strata-cloud-manager/aiops/best-practices-in-ngfw/on-demand-bpa-report

How to get access to

transfer the vm panorama to the nutanix

Hello

Customers are using VM Panorama for VM-ware.

Sooner or later, however, the customer will replace the vm-ware with a nutanix.

VM Panorama version : 8.1.6

VM Mode : VMWare ESXi

1. Can I get an image of a VM Panorama in use and use it in Nutanix?

2. W