Local admin account locked

I have a cluster of two Panorama systems.  When I try the local admin account on the primary-active node the system generates a log entry saying that 'failed authentication for user admin.  Reason: User is in locked users list.  The same account name

BGP "no enforce neighbor-as" option?

Hi,

Is there a configuration avaialble to not enforce the requirement of a BGP peer including their AS in the advertised path?

This is required in peering exchanges where there are central route servers which function transperantly by advising of nex

SSL Inbound Inspection

Hi,

I have setup a decryption policy to decrypt inbound SSL traffic for the Exchange web mail server. However, when I check the logs I see only some traffic as decrypted and some arnn't. Refer below screenshots,

Why isn't the policy not decrypting all

GlobalProtect with X-Auth split tunnelling

Hi guys,

I'm working on a GP portal and gateway configuration, in order to provide to the customer full compatibility with the old vpn clients (ex: cisco) I enabled X-Auth support on it.

The client with a third party software authenticates but it alwa

HTTP2 and PAN?

Do PAN firewalls  support inspection of HTTP2 traffic in the same way as they do HTTP1.x?  I am curious because HTTP2 has three main improvements in this version, and I could see these the following two features potentially causing issues for HTTP1.x

PA-200 Renew Certificate Error "Failed to read issuer certificate"

Hello Community,

i receive the following message after i "renew" my certificate for the next 365 Days.
What can be the reason?
Any Ideas?

Best regards

Y.Reichwein

Please tell me why send a email with BMP image will judged to be a threat?

Please tell me why send a email with BMP image will judged to be a threat?

The firewall will show up a threaten sentence, during the sending job..

Please help me here. Thank you.

Threat Details： Name: IBM Lotus Domino BMP Parsing Integer Overflow Vulne

what is the difference between Botnet report and DNS Sinkholing?

HI All,

what is the difference between Botnet report and DNS Sinkholing? we can see the botnet reports to identify the infected machine by identifing the connection requests to the malicius URL repetedly, please help me to understand this.

Thank you,

Panorama Logging

We're running a Panorama M-100 with hundreds of PA-200s.  All changes to endpoints are made from the Panorama appliance.  However, my config logs in Panorama do not show the affected host's information (IP address, hostname, etc.) making it very diff

Hot fixes for 7.0.8

Hello,

There are two hotfixes released for 7.0.8.  Anyone from PAN TAC can share the detail about what got fixed?

Thanks,

~E

IPSec VPN issue between Palo and MS Azure

Hi Guys,

Having problems with a site2site VPN connection on a palo alto firewall. It seems to randomly drop and stop working. Sometimes it will stay up for days then drop and other times it stays up for about an hour and then drop. I have followed va

Default Ping Size

Is there a way to change the default ping size from 56 bytes? I know there is a switch to change the size but I'm interested in knowing if the default can be changed.