Disable Weak cipher suite

Has anyone had success getting past a B on ssllabs for the globalprotect web portal

TLS_DHE_RSA_WITH_AES_256_CB

GlobalProtect Portal SSL in PANOS 8

Hello all,

I have noticed an important difference in PANOS v8.0 in comparison with PANOS 7.x.x concerning the SSL settings for the GlobalProtect portal.

More specific, the famous site for SSL Server tests, Qualys SSL Labs presents PANOS 7.0.x with Gr

GlobalProtect Split tunneling support on Chrome OS

We have implemented split tunneling in GP configuration for operating systems including Windows, iOS, and ChromeOS. It is working on all devices except Chromebooks. Doing further research, we are not very clear whether split tunneling is supported on

How to connect MineMeld to MISP

I tried following the steps at GitHub - PaloAltoNetworks/minemeld-misp: MineMeld nodes for MISP but to no avail.  My searches for other sites or resources have not proven successful.  Can someone point me in the right direction so I can integrate our

Gmail, Me email not being allowed through on Mac Mail

Hi,

I use gmail.com and me.com for email.

when I used the web interface, no problem at all.

But when I use my Mac (OS X 10.6.6) Mail client 4.4, however I for some reason or another the client cannot access these two email accounts it just times out.

User-id agent secure connection using enterprise CA

We are using one user-id agent for four locations and want to use enterprise CA cert to resolve vulnerability detected on port 5007.

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClGFCA0

Have below queries :

1. Can we genera

U-turn Nat between isolated networks

Hey Guys and Gals

I am having an issue getting u-turn nat to work between two isolated networks on the same Palo.  I am basically tiring to allow Interanal clients to access a webcam server in a IoT network.  I think might issue might be that I need

Palo Alto multiple configuration for log forwarding

Hello,

I am in the process of setting up a server for syslog relay to Azure Sentinel. Currently my Palo Alto systems forward their CEF logs to LogRythm. I am looking for a way to set up my Palo Alto to forward the same logs to the new syslog relay se

Spotify and URL Filtering

Hello

Spotify, besides being detected as a application, connects to certain URLs for information.

What URLs are these? Id like to making a URL Filtering category so I can allow this traffic to pass.

Thank you.

Anyone else have a ton of these?

URL filtering I keep seeing lots of clients for this URL:

play.google.com/log?format=json&authuser=0

Anyone know what application can be causing this request from the client PC?

Block domains using EDL

Hi,

We are doing test in order to block the domains using EDL but its not working. We are doing test with this domain: unrealengine.com

This is the config:

The domain is added to the EDL domain list:

The antispyware profile is created with the list:

T

use of binaries in Global Protect

Hello

I want to know if the binaries  wa_3rd_party_host_32.exe and wa_3rd_party_host_64.exe are essential for use in Globlal Protect, and what service of Global Protect are use these.

I see this articule:

https://knowledgebase.paloaltonetworks.com/KCSA