Greetings everyone, Don't miss Palo Alto Networks' Complete Zero Trust Network Security event coming up in June. This event will cover the following points related to the newly unveiled Zero Trust Network Security: Secure access to the right applicat...
To all, Just wanted to post a message about the Hot Topic right now, which is Covid-19. With all of this going around, everybody's health and safely is the utmost concern. Keeping your hands clean, washing your hands (A LOT), using hand sanitizers, a...
Hi all,Why is there no response pages for users when application like ftp, ssl, etc.. are blocked?I have software version 3.1.1. and everything works with blocking but users don't see any info about it. Problem is, that kind of traffic is blocked at ...
Hi, is there anyway to have web servers redundancy with PBF. What I would like is to use PBF to balance the traffic between two internal servers and, of course, monitor this servers and chnge to one of this in case the other fails. I'm testing in lab...
I'm currently using a Watchguard firewall for our remote users to connect and authenticate using built in Windows (and Mac) VPN.I have a Palo PA-500 in the Dev environment being configured to replace the Watchguard firewall, however we have come acro...
Previously, using the 3.0.x series the commit where really fast, it sometimes took less than a minute. Now, every config commit is taking nearly 10 minutes : 08:40:02 17 Commit FIN OK 08:49:36Is there anything that could be done ?Thanks.
we've run some tests on both at client side and in our office lab.the process for handling url fitlering will start with BLOCK list --> ALLOW list --> URL Categorythe logic of it is quite understandable, however, the problem lies with BrightCloud DB....
Upgraded our PA-500 to 3.1. It came back up around an hour ago and the CPU usage has been on a pretty consistent 65-66% ever since.I presume either this is normal, or not normal - how can I see what it's doing please?Also even now a couple of hours l...
Just upgraded to 3.1.0 from 3.0.6.I had the following URL filtering profile that I used on an inbound rule with SSL decryption so that people could only connect to valid Exchange/Outlook Web Access URLs:webmail.ourdomain.co.uk/favicon.icowebmail.ourd...
Hello,The "get ldap tree" bouton does not display ldap tree of the AD on UIA 3.1.0 and 3.1.1. What can be the issue, and is it critical for the agent to function correctly?At the same time, agent is able to get groups and mappings from AD.Regards.
Hello,I noticed that captiv portal is intercepting all web-brosing traffic, including traffic matching rules with userd-id required and rules without it.Is there any solution to make some web-brosing traffic pass witghout beeing intercepted by the ca...
I've been experimenting with the URL override feature. Works fine, however even with the PANs self-signed certs in the PC's trusted root authorities store, I can't seem to get away from getting a "mismatch" warning because when someone goes to www.ov...
Just looked at Monitor->Session Browser. This is cool! Why is it not documented anywhere? Is it new and I just missed something?
I'm torn even asking this question, but it seems like it might be a nice feature but at the same time possibly misused. It might also be a support nightmare when people call saying they can't get to a URL.Would you consider adding a "Block-No-Log" to...
What I'm after is a system that acts as a RADIUS server to authenticate both wired and wireless users over the network via EAP. The network will then authenticate the user and allow them access to specific VLANs, depending on the user and what machin...
I'm testing to create SSL custom signature from WebUI.However, we don't have enough materials to create that.Do you have any materials to create SSL custom signature?Or could you provide any sample config?Regards,Takeshi Kawai
We have some outgoing UDP traffic that shows up in the traffic log with "insufficient-data" in the application field. The problem is that this traffic is being allowed through the firewall because it's being matched to a rule that allows FTP traffic ...
on:
Find disabled administrator accounts
on:
User-ID not populating after Microsoft patching - Warning
on:
collector group with redundancy not working properly
on:
GlobalProtect issue with Enforcer Network Access
on:
Knowledge sharing: restarting palo alto processes , reboot , shutdown, factory default reset
on:
Incoming traffic being not logged on external IP
| User | Likes Count |
|---|---|
| 31 | |
| 17 | |
| 16 | |
| 13 | |
| 7 |
