Hi,
I configured GP pre-logon method, But it’s only working in administrator mode even though the user is part of administrator group, it’ not working for normal users.
I followed below KB article,
https://knowledgebase.paloaltonetworks.com/KCSArticle
...
I have a greenfield Palo with a fresh ISP.
Have confirmed from the Palo I can source from my interface and ping outbound to anywhere in the world.
Interface mgmt has been set to allow ICMP, I've left the allowed IP's blank and also set my specific IP,
...
Hello,
I have a vpn ipsec in production, now I have to add a secondary remote peer.
It's my first time I have to configure a 2nd peer.
If I understood well I can't simply add a seocndary peer to the VPN but I have to configure a new psec but the differe
...
It seems odd that the base bundle (PAN-PA-5450-AC-SYS) includes a NC and not a DPC.
Can someone from Palo, or someone that has received a 5450, confirm that a DPC is *not* included and the base bundle (it will not function on its own)?
Below find the certificate KeyUsage
What is wrong with my certificate?
I have a PA-220 (PANOS 9.1.8) running with a dynamic PPoE link to the ISP. I've tried everything! It does not respond to PING, SSH, HTTPS. I removed the firewall security profiles, zone protection, added the management profile. Looking at the pcap, t
...
Hi Folks,
Auto-commit on our passive firewall is failing. When checking the logs we could the see the commit failure reason as below:
PA-3220 not started, auto commit failed:
Details:
Management server failed to send phase 1 to client cord
Commit faile
Hello all,
We are looking to update PAN-OS to 10.1.4-h4 but wanted to ask if anyone had any issues after upgrading?
I had 10.1.4 installed but it had bugs and had to roll back so I am a little bit leery to upgrade again.
Thank you,
Tom
Since upgrading to the 6.0 client every hour, when the client does its config refresh interval, Windows defaults to the Global Protect password sign in option when unlocking the computers rather than what the users are normally using (PIN, Face, Fing
...
I have my production firewalls in HA active/passive mode. My question is if I have suspended the passive firewall, what would be the interface status, would it be down or showing up ? I do understand it will not be forwarding traffic but what would y
...
Hello,
I have run a config through the migration tool and I have noticed the following application generate warnings-
icmp- I understand I change this to- ping
ipsec-esp- I have no idea what this should be changed to?
gre(generic routing encapsulation
I would like to test this hypothetical scenario it is possible :
* I have an account with 3 vpn providers (i.e. NordVpn, PIA, Boleh)
* I would like to create 3 (or more) vpn tunnels (at least one tunnel with each vpn provider)
* I will route different t
...
PAN-OS is 9.1.10 running on PA-5250.
The useridd process is consuming 100% CPU:
Tasks: 313 total, 1 running, 309 sleeping, 0 stopped, 3 zombie
%Cpu(s): 2.8 us, 1.5 sy, 0.0 ni, 95.7 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 st
KiB Mem : 32640128 total, 197252 fre
Hello All,
I have a question related to BGP summarization in a PAN firewall. We currently have summary aggregate advertised to the upstream device. But now we need a leak /32 route to the upstream along with the original summary route. What is the be
...
TomYoung
on:
SSL Inspection and SSL Labs
BPry
on:
MOST COMMON ERROR MESSAGES
TomYoung
on:
file blocking profile not working for SFTP
BPry
on:
When logging into the community can I turn off the email a code?
| User | Likes Count |
|---|---|
| 12 | |
| 11 | |
| 7 | |
| 7 | |
| 6 |
