Seems like a bug any one faced in 7.0.9. We have several firewall and 2 time it happened group mapping lost suddenly and we have manaually refresh to get it it back.
I know I've seen an article/documentation on this somewhere, but I am struggling to find it.
When running a show system environmentals, and more specifically the "Thermal" area for the processors, does anyone know what functions are being handled by
...
Hi,
Testing with Rome release I notice we need to have trusted CA on the Minemeld webserver. You can't use the Minemeld default certificate to import on the PA firewall.
So I had to manually change certificate in the NGINX.
Maybe this could be inc
...
What happens if if whitelist some IP and then MineMeld is shutdown ? Will source or destination in the rule be replaced by 'any' ?
Hi there,
if we are going to the tab "Policy" we will see 7 different sub tabs. The tabs are:
Security
NAT
QoS
PBF
App Override
Captive Portal
DoS Protection
So I know for example that Security rules are always checked before NAT rules but whats about the
...
We have decyption turned on for inbound smtp trafffic. It is only decrpyting a portion of the encypted traffic. I have an open ticket with support but still working through it but I wanted to check to see if anyone else is experiencing issues. I do
...
Hello ,
I have a problem with my firewall PA-200. When I try to open the GUI , I found an error message with a session out . You can find in the attachement this error message .
I read that may be this problem can be related to the disk space. I do a
...
Hello All,
Need some clarification on ARP table. For some reason, once we swapped the devices from 2020>3020 our ARP table is seen as incomplete but services are working fine withing on that particular external subnet (before they did but we use gra
...
Hello,
GlobalProtect GW with x-auth is enabled for IPsec VPN client services. However, only one concurrent session per user is allowed and any subsequent sessions disconnects the previous session user. Same issue happens whether the user is a local a
...
MindeMeld or EDL (external dynamic list) in general can whitelist Office 365 but only per destination. Is there a way do build dynamic access lists based on source IPs ?
Does anyone have any experience with configuring VPN to use the UPN instead of sAMAccountName? I'm trying to get a configuration working using a Radius Multifactor system that requires the UPN, and while I can get that part to work, I can't figure ou
I would like to get to know which specifc traffic is being checked by specific features of Palo-alto NGFW. To be more precise after enabling all the features on the device which traffic is being checked by URL filtering , IPS Anti- Spyware and other
...
Under the URL category of "educational institutions"(set for alert) we are generating a enormous amount of logs identified with an application of “windows-remote-management”. I currently have modified that category to "allow" which eliminates all log
...
Hi, wondering if someone might know how to see counters for flow_fwd_mtu_exceeded for a specific interface. Our firewall's global counter is increasing using this command:
show counter global filter packet-filter yes delta yes
but I'd like to know wh
...
Hello,
in the followind doc, Firgure: Single Default Log Collector per Collector Group.
Looks like we can assign Firewalls to send logs to the Primary Panorama, Also it looks like we can assign firewalls to send logs to only the Secondary Panorama.
htt
...
BPry
on:
Global protect VPN server certificate error
BPry
on:
GlobalProtect multiple authentication profiles? External contractors, ldap users with certs
BPry
on:
Two WAN Ports on one Switch. Split of physical VPN and Internet port.
reaper
on:
Error when renewing Certificate "Failed to read certificate"
reaper
on:
Can a systems integrator benefit from taking the PCNSE exam?
BPry
on:
Automatically adding email DL to every CSP case and receive Palo advisory updates
BPry
on:
Wildcard URL for Non-HTTP/HTTPS traffic
