How to allow all the traffic from TLS V1.2 and above on firewall

Hi friends,

we have a customer who wants to block TLS version 1.0 and 1.1 and to allow all the traffic from TLS V1.2 and above on firewall.

Is there any option on palo alto firewall.

Customer requirement is that they need to block it from the interfa

Automation using batch file.

Is it possible to automate URL category configuration (Adding and removing an URL from an existing URL category)

by creating a config in batch file?

Clearpass cannot parse NGFW threat logs

I am trying to parse the threat log from NGFW 10.2.6 to clearpass version 6.9.11. Is there someone here perfected the Syslog Custom Format so that Clearpass can parse it? Currently, I'm using this format and still no good:

CEF:0|Palo Alto Networks|

PAN-OS 10.1 no Wildfire Submissions logs in WebGUI

Hi, 

I made upgrade on PA-220 to PAN-OS 10.1.0. After that the Wildfire Submission logs are not loaded in WebGUI. I only see the rotating progress circle in the upper right corner.

In CLI the Wildfire logs are visible 

>show log wildfire

Of course I have

500 Server Error for Miner nodes

Hello all,

I am currently receiving error messages on two miners within minemeld regarding the "Last Run" while trying to pull and carve out new IoCs. 

The message I get when hovering over the error is "500 Server Error: Internal Server Error "

PA-220 internet issue

Hi, 

I bought recently a PA-220 for home as I am very new on Palo alto in order to learn.

My current setup is the following :

ISP router -------> PA-220 -------> Netgear router 

I've set the zones, virtual router etc, policy. 

I am following that

PA OS upgrade issue and question

I am attempting an upgrade of my HA pair OS from 9.1.4 to 9.1.16 and am receiving the attached on the HA widget.  It says verify they are syncing in the upgrade doc but this doesn't look like it is?  Any help would be appreciated.  Thank you

Options to NAT Porxy Server

Background:  10000 or so clients connect to the Internet through a cluster of proxy servers.  The proxy servers sit on the inside of the network and share a single outside NAT address.  So all external web related requests come from the same outside

Where could I find the list of CLI commands for URL Category?

Where could I find the list of CLI commands for URL Category?

For example add an URL to an existing URL Category, and commit to an specific user.

Unable to Login windows 10 device showing incorrect user name and password after upgrading Global protect Palo Alto from 5.2. to 6.11

Unable to Login windows 10 device showing incorrect user name and password after upgrading Global protect Palo Alto from 5.2. to 6.11

Cluster FW Active-Pasive syncronize certificate profile 10.1.9-h1

Hello team

I am deploying web auth with certificate

https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/firewall-administration/manage-firewall-administrators/configure-administrative-accounts-and-authentication/configure-certificate-based-ad