General Topics

GlobalProtect with X-Auth split tunnelling

Hi guys,

I'm working on a GP portal and gateway configuration, in order to provide to the customer full compatibility with the old vpn clients (ex: cisco) I enabled X-Auth support on it.

The client with a third party software authenticates but it alwa

Please tell me why send a email with BMP image will judged to be a threat?

Please tell me why send a email with BMP image will judged to be a threat?

The firewall will show up a threaten sentence, during the sending job..

Please help me here. Thank you.

Threat Details： Name: IBM Lotus Domino BMP Parsing Integer Overflow Vulne

what is the difference between Botnet report and DNS Sinkholing?

HI All,

what is the difference between Botnet report and DNS Sinkholing? we can see the botnet reports to identify the infected machine by identifing the connection requests to the malicius URL repetedly, please help me to understand this.

Thank you,

Hot fixes for 7.0.8

Hello,

There are two hotfixes released for 7.0.8.  Anyone from PAN TAC can share the detail about what got fixed?

Thanks,

~E

IPSec VPN issue between Palo and MS Azure

Hi Guys,

Having problems with a site2site VPN connection on a palo alto firewall. It seems to randomly drop and stop working. Sometimes it will stay up for days then drop and other times it stays up for about an hour and then drop. I have followed va

Default Ping Size

Is there a way to change the default ping size from 56 bytes? I know there is a switch to change the size but I'm interested in knowing if the default can be changed.

FreeIPA [LDAP] group integration

Hello, anybody has experience with user group integration with FreeIPA ldap server?

I have tried many different settings with no success. With some settings i can see groups but they seems to be empty.

show user group list  - shows proper groups, but

sh

Configuring PA-500 - separate access to to different IP addresses

Hello All,

I hope that you can help me with one, I would say, common task but I'm unable to find right answer to this.

We are using PA-500 and behind it, there is 5 servers. We also using Global Protect for accessing to servers.
I need to setup on PA-5

How to License PA VM without Internet Access

Hello Community,

I have followed the guide on how to Licence PM VM without internet access here https://live.paloaltonetworks.com/t5/Management-Articles/How-to-license-a-Palo-Alto-Networks-VM-Series-firewall-without/ta-p/66178

Everything seems to be

Estimate PANOS 8 Release?

do anyone here have estimate when PANOS 8 release? because my client have existing problem that not resolve and will be resolve on PANOS 8. I forgot to ask TAC about estimate date PANOS 8 release.

User Authentication Profile update for VPN User-ID mapping PANOS 7.0.x

Dear All,

i have problem in my VPN user Identification (they cannot login to portal) after there's update/change in my AD server group. I already doing this https://live.paloaltonetworks.com/t5/Configuration-Articles/How-to-Force-User-Group-Mapping-R

IBM Notes RPC protocol inspection

Hi,

Our customer mandates that traffic crossing a DMZ must be inspected. We need to plan carrying, for old legacy purpose, the NRPC (Notes RPC) protocol which must through the PaloAlto device for inspection.

Could anyone confirm whether PaloAlto can in

VM-100 Not recognizing users from Cisco Wireless Lan Controller

Hi guys,

Has anyone managed to successfully have their VM-100/Palo recognise the SNMP authentication requests from the Cisco LAN Controller to use for User-ID?

I have followed the below document but to no avail. 

https://live.paloaltonetworks.com/t5/