Can anyone tell me if this is legitimate or if it's a false positive? My Cortex XDR hasn't found any behavioral issues to go along with it either.
Hi,
I have the below topology
PA has two 40 g ports and my core has 4 40g ports . server SW also has 40 g ports ( the switch is for connecting servers )
core required two 40g Ports for cross-connection.
So remaining two 40g connections,
Do I need to
...
Hi Team,
We had configured LDAP authentication on Palo alto firewall.
The LDAP server had been configured and we had checked the connectivity and it was successful. Created an group mapping and included an group in the include group mapping.
Checked
...
Hello,
We have an issue with forwarding an IPsec connection to a VPN device behind the PAN-OS FW.
So the setup is supposed to be the following:
* PAN-OS is using outside interface 192.168.1.1/24
* 192.168.1.2 is an address with DNAT to 10.10.10.1 on an
Hi
NAT is setup at PA for outside users to reach DMZ server based on protocol
The topology is like the below:
SW1(f1/1) -------- (e1/1,DMZ)PA(Outside,e1/5)--------(f1/5)SW2
Interface config:
e1/1 10.100.255.1/24
f1/1 10.100.255.2/24 as inside Server
e1/5 4
...
Hi All,
Is there a way where, I can generate report of firewall events, Like login events from system logs, As daily basis. And I will share through email.
NGFW
Has anybody migrated Panorama from on prem to AWS? There are a few options that are available to us, and I am trying to decide which option is the best. Also, if you can list any "gotchas" during the migration that would benefit us, that would be rea
...
Hello,
just a little question it is possible to terminate a vpn-ipsec with a secondary adresses on external interface or I must use the main interface?
thks,
ALex
I've gerenated a CSR to give my enterprise CA. Now, I've recieved the enterprise CA-signed certificate ann imported it onto the firewall.
The status reads "valid". The "Key" box is checked, however the "CA" box isn't.
Also, when I select the certifica
...
We are on 8.1.21 - When creating a geoblocking rule I do not have the option for 'Regions' in my rule drop down. Is this due to my version OR do i need to upload a geoblocking list [how?]
thanks!
Hi,
Iam facing the issue with global protect is not connected with IOS users and getting this error after entering username and password.
)
P1839-T259 12/22/2021 17:19:18:962 Debug( 127): set session proxy to 1-0x104d4b5d0.
P1839-T259 12/22/2021 17:1
Has anyone else had an issue with the Threat Log -> Syslog forwarding? It seems we are only getting the medium detections forwarded despite many informational events seen in the Threat monitoring. I thought there was a filter somewhere but we have it
...
What Threshold times are you guys using, why and has the log4j caused anyone to decrease this time?
Stock photo for example.
Hi folks,
We have a vendor requiring a public IP for the encrypted traffic. Their guidance is based on Cisco configurations using "NAT before IPSEC" configurations. Can anyone share/link a guide for this configuration on Palo? Currently on PAN-OS
...
reaper
on:
What does ch mean in PA-VM-OS Software?
OtakarKlier
on:
PCNSE Bootcamp
reaper
on:
Version 11.0 or 11.1?
