In Global Protect, there is an option called Disable Duration time, which is the time that automatically connects when the time reaches. For example, if the disable duration for 30 minutes, when the user disconnects the Global Protect, after 30 minutes, it gets automatically connected. Is there any similar setting like this in the Prisma Access ...
Opening a TAC case with Palo Alto is such a painful process Calling support makes one go in loops and then hangs up
Hello everyone, Here is the scenario: PA-A has the full configuration and a Device Priority of 50. PA-B has no configuration and a Device Priority of 100. Both firewalls are configured in Active-Passive mode and belong to the same Group ID. Under High Availability → General → Setup, for the option “Enable Config Sync”, which firewall should ha...
The "Resolve Hostname" feature can resolve the ip address in a log entry to the corresponding hostname using the address objects configured on the firewall or by doing a DNS lookup. When this box is checked, the firewall tries to resolve the ip addresses in the logs to the corresponding hostnames. When the checkbox is selected, the device will f...
I would like to view XFF IP Address in the Logs. I went through a few articles and have a few clarifications: https://docs.paloaltonetworks.com/network-security/security-policy/administration/identify-users-connected-through-a-proxy-server/use-xff-values-for-ip-based-security-policy-and-logging https://docs.paloaltonetworks.com/network-securit...
Can we please having more info than "This hotfix includes performance and bug fixes"?
Storage is full from a Cyvera Log file with 706.1GB size this seems to happen every Monday, very odd. We've been wiping it manually for the person to continue working. Anyone encounter this issue before?
Hi everyone, we are currently facing a strange issue with GlobalProtect + Duo MFA and have been able to narrow it down quite a bit. I wanted to check if anyone has already seen this behavior. Environment GlobalProtect Client: 6.3.3-c876 Prisma Access Mobile Users Dataplane Version: 10.2.4 Authentication: SAML via Cisco Duo Cisco Duo federated t...
Dear Team, When I am doing implement Site to Site VPN ipsec tunnel then tunnel status is down & Ike gateways is down after test commands manually trigger negotiation, then all up. But still source to destination unable to ping. Already on virtual router point to tunnel interface for all traffic on both firewall. On security policies allow ...
Hey All, Completely new to firewall configurations, so i'm hoping to get some clarity. I was tasked to configure a PA-445, i'm trying to do a basic setup and can log into the GUI but the option to setup through the Standard method doesn't do anything after clicking the button. The ZTP setup works when i click on that button and can see the in...
Hi, Does anyone know what is the real purpose of the default certificate named TLSv1.3_Default which came after upgrading to 11.2 ? Regards
Is there a way to assign a Asset Type to a custom Prisma policy? The only way we can currently do it is to copy a default policy that is already mapped to Asset Class and type. Thanks.
Hello Palo Alto Networks team, I would like to request a false positive review for the following file detected by Palo Alto Networks on VirusTotal. File Hash:b278381a97cfea52a408b9aae69e5c70aad3ed6dba8489783defcb6b9dead0d2 Link to VirusTotal report:https://www.virustotal.com/gui/file/b278381a97cfea52a408b9aae69e5c70aad3ed6dba8489783defcb6b9dead0...
Hi All, From posts/discussions year or so ago it looks like there was a XSOAR community edition or trial edition available for people who want to evaluate or learn the platform. However, I cannot find any where to download the version or any other way to build PoC environment. Is there anything out there that I can use for PoC purposes? Thanks
This has been bothering me for a while. Look at all this useless space that is taken up now! 1/3 of the screen is useless. I wish I could scroll it away, but we are forced to deal with it. The information I need to actually review is even further down in the bottom 40% of the screen.
