Hi, Palo Alto Engineer said clientless VPN will release with new PAN OS 8.0 in near future. I just wanted to know what is the exact release date for new PAN OS? Thanks,Lakshitha.
I need to create my list 'MineMeld-source-List' of blocked IPs which I want to use in the rule. I tried to use prototype stdlib.listIPv4Generic as input where I can add indicators. Then used stdlib.aggregatorIPv4Inbound based aggregator and subsribed firewall to stdlib.feedHCGreen based output (MineMeld-source-List). But on firewall I am getting...
Hi Guys, ASA has a feature where it randomize TCP Sequence numbers to prevent hijack session. Does palo alto has any similar feature. Sorry to compare the products here. My intention is to configure similare setting in firewall. Regards,
Greetings all, We're getting close (hopefully) to rolling out our PAN boxes and I'm working on getting together information to pass up the chain on features like SSL Decryption and SSL certificate security. I've got a few questions concerning best practices on certification generation on the PAN boxes and how the certs are used: Are PAN admins l...
Hi There, I was migrating configuration from Juniper to PA, everything worked as expected except IPSEC VPN. Customer has two sites and both sites have ADSL connection with Dynamic IP address, however on one end Dyn DNS is used. In the below example Site-A has Dyn DNS and www.vpn.com gets updated as soon as IP gets changed on Site-A. But on PA th...
Can I block access to windows 10 store by policy?
Hello, Trying to configure GlobalProtect to work with local accounts and LDAP accounts with an authentication sequence. The PAN is almost seemingly treating the local account as a LDAP account according to the system logs.The account Idea11Support is the local PAN account we are trying to use but it keeps trying to authenticate it against the TA...
Hello,i need to map user to ldap group. For desktops there is no problem, mappings goes well. But if some user connects via smartphone and didn't provide DOMAIN\ then problem occur. Is there any way to achieve this goal ?Typing DOMAIN\ on mobile keyboard is difficoult.Users are authenticated through 802.1x on extrenal NAC and user-id is passed ...
Hi, Let's say I want to create a Data Pattern to check 2 conditions on DLP: 1) Check Luhn number. This can easily be done by setting a weight in the "CC" field on a DLP Data Pattern.2) Once the Luhn number checked, check if the first 7 numbers of the credit card matches some BIN codes of an specific Bank. is that possible? I mean, the "2 condit...
We have a need to limit download and upload to 50 Mb/50 Mb for a specific AD group in our company. I have followed the steps in this article https://www.paloaltonetworks.com/documentation/70/pan-os/pan-os/quality-of-service/use-case-qos-for-a-single-user#36469 When I apply the qos profile to interfaces it then applies to 50 Mb limit to everyone ...
We are hosting 4 clients with each having their own server. I have setup 4 separate GlobalProtect Gateways and Portals for each client with access only to their server. I have configured Radius and tested it. I want to be able have one different Active Directory group for each client and have the users that are in the respective groups only ha...
Hi All, Strange but cannot clear the session below. Did try from GUI first then from CLI. CLI says: session 135269 cleared after still able to see it as active Any idea? PAN-OS 6.1.7 PA-5050 Thx,Myky
Hi Guys, ACC issue. Don't know what could be the reason for the URL block report to show some activities when nobody was using a network on Sunday. NTP? And also question to why all users got 2 digits in the end of their username, Is it normal? Thx,Myky
Hi I don't understand why the same file has different level of severity in wildfire.Could you explain me? thank you very much. best regards.
Hello community, Do you know what kind of protocol use PA to your HA, VRRP, CARP.. ? Best RegardsAndres Padilla
