General Topics

Threat Vector, a Unit 42 Podcast, is Now on LIVEcommunity!

We have some exciting community news to share: Threat Vector, a Unit 42 podcast, is now on LIVEcommunity!

Threat Vector is your compass in the world of cyberthreats. Listen to this biweekly podcast to learn about unique threat intelligence, cutting

...

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question. Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

Is it possible to block method POST in any website?

Hi guys,

Our company don't want employee to post anything on internet so we're trying to create custom application that block method POST on http-request-message. But when we're trying to write a pattern. It's always pop up an alert

...

Global Protect Portal/Gateway Certificate Issue

Hi,

Just recently after upgrading to Global Protect Version 1.2.4 we started getting error messages on our external users laptops that there was an " CN Mismatch Name" but continuing still allowed them to connect..

After determing it was a Common Name

...

Resolved! Daily packet capture limit of PA-3000?

I would like to know Daily packet capture limit of PA-3000 serial.

Do you know this?

other serial device is...

> 　PA-5000 : 786432

> 　PA-2000 : 131072

> 　PA-500　: 32768

> 　PA-200　: 65536

Regards.

Certificate Error in Global Protect Portal

Hi All,

I'm trying to setup the Globalprotect VPN and have followed the (only partially helpful) GlobalProtect-Configuration-4.1.pdf to create certs and set everything up. When I try to connect to the portal site with my browser I get a certificate er

...

Resolved! IOS Global Protect APP - Required Client Certificate is not found

Hi l am trying to configure the IOS App with our PA 2050 and l am getting the message :

Gateway " IP Address " : Required Client certificate is not found

I have installed a 30 Day Trial license of the Gateway to test this but still the same error messa

...

How to control URL Filtering bypass by IP?

Hi all,

How can the Palo Alto control the age-old URL filtering bypass of typing in the IP address of a site, rather than the hostname?

As an example, some of our students last week did:

1. www.minecraft.net via web browser is blocked (category: games)

2

...

Resolved! group mapping

Hi,

We have 5 ldap profiles with different domains.When adding group mapping for each we can see all gorups without problem.After we add and commit all gorup mappings disappear in gorup mapping tab.(deleted)

Any idea ?

Resolved! authentication profile LDAP

Hi,

When l go to authentication profile and select "add" under allow-list for a LDAP connection it does not list all Active Directory Groups from our Domain ?

We are currently on PANOS version : 5.0.3

I also have the User ID Agent setup on both of our W

...

Resolved! User Agent picking up domain service account instead of end user

We are running a 2008 R2 domain and the user agent is in and working. However, it keeps showing one of our domain service accounts on many (not all) of the reports and monitoring instead of the actual user that is browsing. We run the same service

...

Resolved! System fan speeds?

Hi.

I've recently implemented a new monitoring system (see thread in the devcentre forums) called Observium, and one of the things it does is read *all* the SNMP sensors out of the Palo Alto devices.

I noticed that it was reporting the fan speeds on my

...

Resolved! 5.0.5 Management CPU?

So, I finally got to upgrade my 2020's to 5.0.5 (not been able up to now owing to operational requirements) after hearing from our PA rep's tech guys that it's mostly stable now, and he hasn't heard any bad reports on it.

However, it seems the high ma

...

iOS Globalprotect VPN question

So I'm going through the document here:

https://live.paloaltonetworks.com/servlet/JiveServlet/downloadBody/2016-102-8-14087/GlobalProtect-Config-Apple-iOS-RevD.pdf

I have an existing / configured GlobalProtect portal for VPN usage for PCs/Macs. It loo

...

Resolved! GlobalProtect 1.2.2 disabled Windows auto-login

We are rolling out the GlobalProtect client to our campus community and we came across this behavior. When we install the GlobalProtect client, it disables the auto-login feature for some of our Windows machines. This is a non-issue for me, but som

...

Resolved! url filtering speed

Hi,

When enable url filtering page loads late.Same page loads very quickly when disable url filter.

All sites same issue.any idea about that ?

What is 'cotp' ?

Hi,

-----------------------------------------------------------------------

A new 'cotp' App-ID will be available in the upcoming content update for the ISO transport protocol 8073 over TCP. When allowing applications such as ms-rdp, t.120, and iccp, t

...