WinRM-HTTP fails with the error 401

Hello, I'd like to request some advice on trying to shift away from WMI to WinRM-HTTP/S based User-ID. I followed the set-up guide by Palo and User-ID server monitoring is able to connect to the domain controller over WinRM-HTTP, but only every hour. If I set session monitoring to something less than 3600 seconds, each attempt by the user-id se...

GLOBAL Protect using SAML Authentication with AWS as the Identity Provider

Hi all, I'm looking for a configuration guide to implement SAML authentication for Global Protect users using AWS ?Basically I want to do the same like this (Azure in this case)...https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000PP33CAG Which service do I need on AWS ? Cognito or IAM ? Regards, HA

Get your one-time password from the Customer Support Portal

Reliable metrics to conclude an asset's defended status in Cloud Discovery

The "defended" status, attached to each Cloud Discovery discovered asset, is not reflecting the asset's actual defended status. Across registry, serverless, hosts, etc, Prisma Cloud Discovery uses a loose definition to conclude the defended status of assets. For instance: Registry scans -> Looks at the registry settings, does it have a s...

user-id WinRM-HTTP connection refused

hiafter configuration of agentless user-id using Kerberos with WinRM-HTTP (was hard to get it working needed pa support for it)i encounter this issuei got 2 DC in my environment DCA and DCBWhen DCA is restarted i get Connection refused on both DCA and DCB in server monitoring i get error connection failed, HTTP code 100, Timeout was reached for ...

VM Setup on new laptop

Hell everyone, I'm facing issue regarding setup of VM on my new laptopn (Lenovo). Can anyone guide me how can setup it?

TCP Retransmission & RST

We have a digital application on Android and IOS but when user is trying to access from IOS platform and access the application. During application browsing user is unable to access certain paths of application. And at that time we check on our Palo Alto we get continuous retransmissions on packet captures. And it is happening when accessing a...

Firewall unstable

Hi Everyone! I have this weird scenario always happening. One time my firewall suddenly cannot access go outbound the net using data interfaces and then I checked my config 5x but all are good. So I rebooted the firewall just to see if it was a bug. And it worked! So I left it running for a couple of days and then the same scenario happened a...

10.1.3 - PAN-OS Certificate Expiration on Dec 31 2023

Hello All, I checked my client's firewall, they are using 10.1.3 version. Scenario 1 : Data distribution, based on the Device -> Monitor -> Date Redistribution -> Agents page it is blank and not configured. Scenario 2 : The firewall is placed at the DMZ between the Control network and the Enterprise network, i checked Objects -> UR...

Exceed limit on Dynamic IP List

On a PA-5050, what is the impact on the firewall if it exceeds the limit? Thanks in advance

Why am I seeing not seeing the dropped packets in my traffic feed?

The way my firewall is configured, the wireless traffic gets routed to the internal traffic through it. After connecting my laptop to the wireless on our network, I am unable to reach a software that was recently implemented for some reason. I was tracing down what could've been the issue for hours. I logged into the firewall and went straight t...

Traffic not in logs but in Packet Capture

I'm having issues with my garage door opener thru my PA 220 FW, v9.1.6, with the latest dynamic updates.It uses DNS and TCP 8883 to communicate to the MyQ servers. In Monitor>Logs>Traffic, I can see DNS traffic from the opener to 8.8.8.8 with return bytes, but no other traffic. In Session Browser, I see the 8883 traffic but hitting the Int...

Some webs not working

Hi, We have a PA-3050 with PanOS 8.0.5. We cant access to these webs https://www.metromadrid.es and https://www.ing.esWe receive a timeout and we see a RST from Palo Alto to web server.We had this problem in 8.0.4 and we upgraded to 8.0.5 but the problem persists. This issue breaks my mind, can someone give me any idea???