Using Global Protect Internally - Several Questions

I am fairly new to the world of Palo Alto, so I apologize if this is answered elsewhere. My team is looking at an implementation scenario, and I have several questions as a result. I figured this community would be the best place to start.

We are c

Using wildcard pattern/ regex in URL filter

Hello,

I like to exclude subdomains from decryption. Therefore I've created a URL category. But I don't like to exlude all subdomains only specific subdomains.

For example: I like to exlude domains starting with "whatsapp" and ending with "facebo

IP confilicting error

Hi We have configured HA pair on our two PA-VM200 Palo alto firewall. Now IP address of my interfaces eth1/1 (inside 10.1.1.1) and eth1/2 ( out side 10.1.1.2) are showing same as primary 10.1.1.1 on both firewalls and I am getting IP confilicting ...

User-ID Agent Windows 2003 logon events

Hi all,

I sometimes have a really hard life mapping domain users with old Windows 2003 forests using UID Agent (no matter if version 6 or 7))

I'll try to explain: when and only when using UID Agent I cannot read all users logon events or, worse, I ca

GlobalProtect - PW Prompt when LDAP Auth is down.

Hi all,

I tried support on this, didn't get much help.  I am using PANOS 7.0 and GlobalProtect 2.2.1

I have a couple hundred GlobalProtect clients using Windows.  I am using pre-logon (always on) with LDAP authentication.  The goal is to

Dual NIC - IP Mapping Issue

This appears to happen at random to a random subset of users.

Environment:

> 160 AD DCs

4x UIAs (2 - 80 DCs / 2 - other 80 DCs)

Assume:

All possible DCs that a user would authenticate to are being monitored by the agents.

Scenario:

When users with laptops c

Auto upgrade on OS

It looks like an upgrade for the os comes out about every other month, has anyone come up with a way to automate the upgrade process and can you recieve email notification of when new os's come out

nsatc.net shows as spyware?

I have a ton of entries in my spyware logs for DNS attempts to nsatc.net

Some digging suggests this is a site run by Microsoft related to Windows Updates.

False positive?

PCI Vulnerabilities Report

Dear Friends, panos, panagent HULK hshah Steven Puluka hyadavalli mmmccorkle

I have a doubt regarding PCI vulnerabilities scan and enable the signature for the same. when security team scan our WAN interface. he found below

1. SSL Certificate - Self-S

GlobalProtect Data File

I can't get the GlobalProtect Data File to download. I have it scheduled to update hourly for a couple of days already but nothing. If i click 'check now' I don't get any version to download. I didn't find anywhere to download it manually.

Dynamic

Bulk upload of set commands in PAN-OS

Hello All,
I'm working on a migration that requires me to breakout one large SRX config into a PAN-OS config while implimenting multiple VSYS instances.  I am managing the configuration via Panorama, so I've got a base config out of the migration tool