Can PA be possible for content inspection after ssh decryption?

Hello,

Can PA be possible for content inspection after ssh decryption?

I looked the below document.

Details on Port Forwarding Inside SSH

This document mentioned the following comment.

"Content and threat inspection is not done on the SSH tunnel session"

I

What happens if Dynamic Block List server is inaccessible?

If we are retrieving a list of IP's via Dynamic Block List to Allow and/or Deny traffic, what would happen if the web server hosting the .txt file is inaccessible during a refresh? Would the DBL object lose all of the IP addresses and render the rule

Issues with geolocation IP addresses

Hello,

We have policies (geolocation) which only allow connection from Spain and Andorra.

In many cases the IP addresses identified by geolocation, is not properly updated and sometimes Palo Alto identifies an IP like another country rather than as Spa

Active/Active HA on 7050

I'm getting ready to implement an Active/Active setup on a 7050. What is the best practice for bandwidth over the HA links? I'm more curious about the HA2 and HA3 links.

Preempt Loop Detected

Hi All,

I've implemented Active-Passive firewall with preempt options enabled as below :

I use Path monitoring to IP B to detect failure. When I shutdown the bridge (device between A and B), the Active device switch to X and A status became non-functio

About Microsoft Vulnerability

Hello all,

My customers PA-3020 detected  a few  Microsoft Vulnerability Threat coming from Inside ( Web server ) to Outside  ( Internet ) .

We investigated the cause of this , but could not replicate the issue and finding the cause of it.

We scanned

DNS attack? False positive: urussynonumsantonums.com

Hello,

I am new to this realm so please note if I ask alot of questions, you all have the answers.  I have a PA device that has been spitting out multiple, multiple, and multiple Threat notices for the above domain: urussynonumsantonums.com.

I have se

no puedo entrar a mi PA 200 por web me aparece session timed out

Tengo un PAN 200 con versión de 5.0.9 y con este espacio en disco

Filesystem            Size  Used Avail Use% Mounted on

/dev/sda2             1.9G  1.9G     0 100% /

/dev/sda5             6.6G  670M  5.6G  11% /opt/pancfg

/dev/sda6             1.9G  1.2

Friewall does not send ms-files to wildfire

Hello,

i setup wildfire to forward any application, any files so wildfire could test files against malware.

I discovered that ms-office files are not sent to wildfire.

File blocking rule is set to any/any/both/forward

Antivirus rule is set to block on wi

Differences between "panHAConfigFailureTrap" and "panHAConfigNotSynchTrap"

Hello

I'm working with the trap MIB and I doesn't understand the differences between these one. The descriptions in the MIB file are

panHAConfigFailureTrap: HA configuration push to peer has failed

panHAConfigNotSynchTrap: HA config not automatically sy