Our community is an active and collaborative place to learn more about best practices, digital events, share ideas, find answers and ask questions to fellow fans! Check out our most popular conversations happening right now!
For those who have implemented SSO and MFA for Administrator web access to firewalls and Panorama, what was implemented? Did you use SAML or Radius. Is Azure AD an acceptable IdP? What was used for MFA?
Thank in Advance
Hi Team,
We have multiple IP-sec tunnels and want to clean up unused tunnels.
Like we have the option of an unused rule for security policy, or we will know by its hit count, is there any similar way we can find out an unused tunnel so we can delet
...
I am trying to open a case in the portal for one of our customers and the page is not working. I have a TSF to upload as I believe our customer has evidence of exploitation of CVE-2024-3400
Hello,
I've configured on PA5060 an Idenfication with AD:
PA5060: 4.1.6 USER ID AGENT : 4.1.4-3
LDAP SERVER 389
I do a group mapping by group but this group have more than 16000 users.
when I do a show user usersIDS , I can't see all my users. I know
...
As stated with this link, a client version of GlobalProtect for ARM has been released
GlobalProtect fails to connect on windows 11 ARM64 with error message: Could not connect to the GlobalProtect service.
As I migrated to a new machine (ARM process
...
Hi all,
last time I tryed to upgrade my Panorama, I had this error: "Label sysroot1 does not indicate a valid image".
The panorama is working, also I'm able to upload images and content to managed firewall, only I cant upgrade itself.
Is not re
...
I'm currently in the process of migrating my company from AnyConnect to Global Protect on our 5220s. I'm looking for your feedback on how you all "monitor" the VPN service?
When comparing the "dashboard" view of Cisco's ASDM I don't really see anyth
...
Palo Alto Networks will release a new Advanced URL Filtering category called “Marijuana”.
ACTION: Action may be required. The default action for this new Marijuana category is “allow.” If you currently alert on or block marijuana websites (usi
...
Trying to slim down a rule for outbound traffic with clients using MS defender. I built a custom URL list of the defender urls provided by MS. Added it to the policy under service/url category. The apps used are ms-update, ssl, web-browser, windows-d
...
I have noticed there are alot of random IPs that are trying to login to my GP portal. We are using pre-login method of GP so legit users do not login. GP starts and does an auto-login pre-windows login. The logs tell me these failures are coming from
...
We're currently running on 10.2.3-h9 (PA-440's in HA pair Active/Passive) with remediation steps put in place for CVE-2024-3400 and Telemetry disabled.
We attempted to migrate to 10.2.8-h3 as it is listed as a preferred release and fix for the CVE a
...
I am unable to route between SVIs configured on an ION-1200s. Is there something that we're missing with configuration?
Can ping within SVI (device on SVI subnet can ping its GW)
Can ping SVI GW to SVI GW
Device on one SVI cannot ping GW of another
...
Hi All,
Our organisation purchased two Mpls link and wants to configure an PBR like such
1) All intranet traffic like dns, ntp shoud go via primary MPLS
2) All internet related traffic should go via Secondary MPLS
3) In case Primary MPLS goes dow
...
Hi All,
We have a requirement to create a ServiceNow ticket by taking the slack user responses.
I have built a playbook which does send the SlackBlockBuilder to the specified Slack channel but the playbook runs only when an incident is attached to it
...
Hello all,
I am working with Slack from the playbook level where a message summarizing an incident is sent followed by Slackask automation to ask users on a channel to confirm the information with two interactive buttons. Take note that the flow has
...The proliferation of unsanctioned Post-Quantum Ciphers leads to blind spots in your network visibility, with PANW Firewalls you can now DETECT, LOG and BLOCK unsanctioned ciphers. The Quantum Threat o...
By Vinay Kumar M, Senior Staff Engineer Summary There are numerous security concerns while using 3rd party Webhooks Providers like pipedream, webhook.site, etc. However, a lesser known alternative is ...
By Vinay Kumar M, Senior Staff Engineer Summary As a Prisma Cloud user, you have access to a specific Prisma Cloud stack. When a user logs in to a stack, it gets a JWT token to access that specific st...
By Vinay Kumar M, Senior Staff Engineer Purpose The API which is to be used for Performing Config Search with Network RQL's - 'config from network ...' Symptom /search/config API - https://pan.dev/pri...
