cli command to capture accepted traffic and dropped traffic.

Can someone help me with command to capture accepted and dropped traffic through cli or through webui interface of firewall.

I tried command show log traffic dst/src/sport/dport   but looks like show log traffic in general does not provide good info.

H

PaloAlto Firewall CLI partial commit by object-xpaths

Hello,

I`m trying to include only single object into commit.

Web interface allows to exclude objects from commit:

On the first glance looks like CLI could provide such option:

USER@Device# commit partial
+ description Enter commit description
+ dev

Palo VM randomly stops forwarding traffic

Hi all,

I have a new Palo Alto VM-100 running in Proof of concept on version 9.0.2-h4

I'm using a virtual wire to protect servers against all kinds of attacks, malware etc

Yesterday evening for the first time, everything behind the firewall went down.

PCNSE Cyber Security Practice Lab

I am preparing for the PCNSE.  The link to the CyberSecurity Practice Lab does not work.  Can someone point me to the new location or an updated link?

Thank you

DHCP WAN nat to loopback interface for restricted management

Greetings!

Running Pan OS 10.2.3-h2

Is it possible the have DHCP on the WAN interface, Nat inbound traffic to a loopback interface that allows management?

The inbound security policy would restrict access based on set of FQDNs

Is there a way to see how many Address objects/groups I have?

Hello, all.

I'm trying to determine how many address objects and object groups I have across all of my VSYS on one of my platforms. I found the command to show the maximum allowed (see below), but not one that shows how many are currently there.

Is t

Result: Failed to validate server certificate for endpoint api.paloaltonetworks.com

issue1:

I am having issues with getting Panorama and firewalls connected up to datalake. I opened a case and i am told it can't connect to api.paloaltonetworks.com. I have pcap that says otherwise. There is no ssl decryption in between. Its frustratin

Prioritize Tunnel Static Route over L2 physical route

Hi, 

I have an IPSec Tunnel between a remote central site and a PA-220. 

This tunnel advertises it's remote internal network in 10.100.10.0/27.

A static route has been created in the PA with a metric > 1 (10), to route traffic in direction of

Civil3D 2023 and Global Protect

Greetings Programs,

We have a client that is an engineering firm. They have a few remote engineers and we are starting to see issues with Civil3D 2023(AutoCAD).

Majority of these end users have Windows 11 OS with Global Protect installed on it to V

FQDN object not resolved

Hi,

We have this fqdn object created: 

2021-01-08 12:26:14.872 +0100 dnscfgmod: Fqdn SIEMENS OWNCLOUD SERVER/cco.siemens.com could not be resolved

If i run a ping from MGMT A interface is resolving:

ping host cco.siemens.com
PING cco.siemens.com (212.23

Panorama stop showing logs suddenly

Hi,

We have a panorama M100. Panorama is showing logs but suddenly stop doing it. We can not see any logs until we restart logd proccess or appliance. Panorama version is 8.0.8

 Why is this happening?