Query for routing table

Hello, everyone.

One query.

In Palo Alto Firewalls, what is the correct command in the CLI, to "validate" if I have or don't have a route, to reach a particular destination?

The correct command is "show routing route" or "show routing fib" ???

What i

file blocking profile not working for SFTP

Hii

we are trying to access our internal storage using SFTP from internet. after applying file blocking profile we are able to access mentioned files but firewall not restrict the file. we found that file blocking is not happening.

Please advise ho

unknown command during SSH script

by testing a ssh skript i get an "unknown command" error from the CLI

Best practice for Active/Passive HA and OSPF

I configured Active/Passive HA in an environment where the firewalls connect to a core switch. There is an OSPF adjacency exists between the active Palo and the core switch. I'm curious what the best practice is for OSPF and HA. When tweaking the OSP

Inquiries about PBF nexthop settings when the ISP is a DHCP Client

1. Issue: PBF does not operate normally when the public IP received from the line is a dynamic IP

2. Measures
- If the circuit IP is a static IP, check the normal operation by inserting the gateway into the PBF – Nexthop setting
- If the line IP is a d

Understanding URL Filtering security profiles vs Rule Action

Hi!
I have a pretty basic question that I couldn't find the answer to - am hoping that someone could help me understand this.

Let's say I have a security rule:

Rule 1: src=192.168.1.0/24, Dst=192.168.2.0/24, Svc=Any, Action=Allow, Security Profile=A

Split-tunnel not working properly

Hi folks,

Our customer configured split-tunnel on VM to include only certain IP addresses and domains and want to exclude any other traffic, so exclude options are blank. It seems that some traffic is still routed through tunnel (f.e.Telegram, bitt

Cortex XDR: How to block execution of some unwanted apps

Hello All,

We have observed some unwanted applications( Any desk, WhatsApp) used by end users in customer environment. Is there any way apart from blocking the hash present in cortex console which will block the execution of such files.

Thanks in

When logging into the community can I turn off the email a code?

Whenever I want to log into the palo alto networks community, it asks to email a code to my email address.  Sometimes I think it already did but nothing came, but in reality I never clicked the button to send the email.

Is there a way to turn that of

Requesting Clarity on XDR XQL API Logging

Hello Everyone, 

For one of the client, we need to fetch logs from XDR API using XQL. Currently, the ask is for windows event logs only, but later they want IIS logs as well. 

Any help in below queries would be appreciated:

1. There are two queri

Day 1 Configuration of PAN-410 model firewall

I created day 1 config file for my PA-410 model firewall and loaded the configuration. But while commiting Got below error:

"email-scheduler -> Possible Compromise -> report-group 'Possible Compromise' is not a valid reference
email-scheduler -> Possi

"Only self signed CA cert can have identical sub and issuer fields" when uploading a certificate

This message appears when uploading an external CA certificate to the sistem. "Only self signed CA certificates can have identical subject and issuer fields". It's a Microsoft-adfs autosigned CA certificate used to sign SAML messages and we can't not