Did you know that you can help your fellow community members by accepting solutions when a reply answers your question Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature
...
Hi All,
I wish to ask do i have to have my own Certificate in order to use SSL decryption feature, in order to decryption my users SSL traffic ?
OR i can just go and setup this feature and use it right away ?
I use PA-VM-100, PAN OS 6.0.4
I'm having trouble authenticating with a second VPN tunnel that I've created.
I've created a new Portal and Gateway, almost identical to the previous ones. Obviously with it's own external IP, certificate that fits the given domain.
Created a new Zone
Is it possible to disable SSLv3 and TLSv1 for Global Protect?
Vulnerability scanners flag the interface of the PAN where Global Protect portal/gateway are hosted as it allows these deprecated versions.
Hello ,
Can any one please explain me the error i am getting while pushing the policies to a device of a device group.
I want to push the policies only to the particular device ,member of device group.
Thanks
Hi,
Any advise configuring HA on mentioned PAN-OS as documentation seems not very detailed..
Have configured HA for control plane with ip addresses /30 , enabled HA, group 1 and Peer HA ip address; after commit am getting generic failure error
Cheers
Hi,
I've deployed PA-500 recently, and I'm experiencing an interesting situation.
PA-500 is deployed in virtual-wire, and I'm filtering only my main ISP connection (ISP 1). The connection for ISP 2 goes directly to the router.
We have a web server, whic
...
Hi,
We have just upgraded our 5020s and 3020s to 6.0.3 and encountered an issue, where the secondary device became the Active one and the primary displays this error, only on the 5020:
does anybody else had this issue or knows how to solve it?
Thank you
...
Hi everyone,
I wanted to do user based filtering on PA-500, but after I've successfully connected PA with active directory, and applied a security policy on user based I get this warning:
Warning: Rulebase 'security'
Rule 'LAN-r2'; Zone 'LAN' does not h
...
Hi, im receiving this snmp trap in my Palo Alto (PA-3020 PANOS 6.0.3). Checking the system logs i see each 15 mins this log message "HA-queue-full". Why is this happening?
Hi there,
I'm not sure if anyone else has seen this alert show up on their devices but I have Critical system messages sent to me by email and I have received this afternoon every 15 minutes a message saying "HA queue is full". I made a small tweak to
...
I was wondering if there is a way to apply GPO to a user when user connects using Global Protect client. Thank you in advance for your responses.
Serge
We are increasingly seeing the need for a URL rewrite feature - we had hoped to use it for one of the ways to force Google SafeSearch (vs. the existing option of blocking searches using an app signature)
We now would like to use YouTube for Schools, w
...
I made several changes in IKE and VPN.
Commit does not work:
Details ERROR: line:965: syntax error [peers_sa_ipaddr]
(Module: ikemgr)
Where to find the right line #965 ?
When searching in exported candidate config - no ike specific line found.
Ro
...
We frequently face an error for fetching the group-mapping in the user-id tab. The error is normally shown up as failed to execute op command. One of the reason can be invalid credentials in the ldap configuration
Troubleshoot this error with Tail fol
...
Can one turn off the application awarenes globally to set up a PAN as a L4 firewall? Trying to get some comparison stats against the old L4 only (non PAN) firewall and the new PAN.
thanks.
OtakarKlier
on:
RFC1006 protocol over TCP
OtakarKlier
on:
Windows update URLs with IP addresses show up as unknown
OtakarKlier
on:
Panorama Upgrade
OtakarKlier
on:
Layer 3 between 2 buildings
OtakarKlier
on:
URL Category rule works on some firewalls but not others
OtakarKlier
on:
CPE for the Conferences or Summits
