Unexpected behaviour in security policy

I have one server belongs from the DMZ zone.
Example:-
server ip- 2.2.2.2
source ip for VPN user - 1.1.1.1
VPN zone
DMZ zone

There is 2 scenerio:-
policy(1) - I have created a policy like:-
sourcezone- VPNzone
source ip - 1.1.1.1
destination zone - DMZ zone
des

Failed to add imported nodes into Panorama

Hey Team,

I thought I would share my experiences with adding firewalls into Panorama and receiving the error message in the subject. The scenario is a HA pair with multi-vsys compatibility enabled - and 5 virtual systems. In all cases, adding the Pri

New AppID Category

I work for a K12 School district, and like many K12 school districts we are preparing for online testing for state proficiency testing.

We have also used online testing for AP testing, vocational testing, etc...

Online testing is one of the high priori

wildfire logs showing allow action for malicious url

Two wildifire logs (16 July and 20 July )  are showing for same url with malicious verdict and action is allow. We have checked wildfire report of both logs , all information is same (same hash value , first timestamp seen is 7 July etc. ).

If same ur

Global Protect Client won't reestablishment connection after update

Hi,

currently, I have a problem with the Global Protect Client Update.

After using the GP Client version 5.1.1 I updated to GP 5.1.5 but after the update the connection refuses to re-establish the connection.

The KBArticle (https://knowledgebase.paloa

Latest GlobalProtect host checker supported antivirus & firewalls list

Hi guys,

I'm searching, if exists, a knowledge article or a PDF more recent than this one : https://knowledgebase.paloaltonetworks.com/servlet/fileField?entityId=ka10g000000D5kyAAC&field=Attachment_3__Body__s

Because it's for GP version 4 which is out

How to configure HIP.

Hi team,

++ I want to configure HIP- Anti Malware with virus definition version.

++ I see in HIP log for Definition version as 200729-4 but I am not able to configure the same in Virus definition option in HIP anti malware.

++ I am not able to use any

Block all SSH outbound

For a home user who uses VPN to access internal network, how can we block all his SSH outbound connection to internet?

IPS is not detecting threats

Palo Alto has recently released signature for CVE-2020-3452. however when performing a POC, I cannot detect any threat. I am using link available to public use - 

https://<domain>/+CSCOT+/translation-table?type=mst&textdomain=/%2bCSCOE%2b/portal_inc.

How to configure PAN-OS to email/alert me of potential attack?

So, you would think this would be an easy thing to learn and configure, however I can't seem to find the answer from any PA walk through, or through PA support.  

I'm simply looking to configure my PA-3020 (PAN-9.0.0), so that if a new threat is dete

GlobalProtect Gateway with Multiple Client Authentication Config

Hi there,

I have multiple client authentication configurations set up on my GlobalProtect portal which use the same OS type.

Order is as follows:

1 - Windows OS with local auth on the firewall.

2 - Windows OS with LDAP auth.

What i want to achieve is i