log forwarding

Team,

Have few questions on log forwarding ..

1. Is there any best option to check what are the policy rules doesn't configured with log forwarding from Panoroma or any other tools ?

2.How to enforce users to specific custom  log forwarding profile 

Migrating config from fortigate to paloalto ,having interfac mapping issue and also in service no ICMP and PING available

Initial GlobalProtect connection and subsequent drop-outs.

It routinely takes me over 10 minutes to login to my VPN every morning, because the network response is so slow and droppy.  There's so much already loading when I login that I receive "cannot connect" errors from other apps before GlobalProtect even

Rule creation query

Hi Team,

We have created policy

Source: Internal subnet

Destination: Any Application:Any service/url category:custom category.

Action allow.

In custom URl category, we have added 2 domains. Our requirement is internal subnet user should access these 2

Validation failed when committing a changes to managed firewalls from Panorama

Last week we made a changes(added new IP addresses as a Source) to the existing security policy and tried verifying by validating template/device group for target firewalls however it results in validation failed with following errors.

user-id-agent

Globalprotect dissonnection issues

I have a couple of users who say that when on the GP VPN client it disconnects them multiple times and I have not been able to reproduce their issues.

The only thing I have found so far is this in the system logs "globalprotect gateway user login fail

Forwarding logs to MS Sentinel

Hi Guys,

How to send Data Filtering Logs to our Microsoft Sentinel as there is no option in Log Settings for Data Filtering?

Many thanks in advance.

Palo alto certificate error?

hi all,

I am using PA-850 and configure certificate decryption. I am having the problem with this. when I configured to decrypt for any source, client would get the error "ERR_SSL_VERSION_OR_CIPHER_MISMATCH", and could not access to any websites. 

Bu

Firewall stopped sending traffic to internet from trust zone, after upgrade from 10.1.3 to 10.1.5h2

I have upgraded 3 set of palo alto PA-3220 (3 pairs) to 10.1.5h2.

Two set works good without any issue.

When upgrade completed with last set, the active firewall stopped sending traffic from trust zone to internet, though it has all valid routes in it.

User to IP mapping for LAN with computer on hybernet/sleep

I have Palo Alto firewall and implemented the user ID in our environment. I am looking for some help on specific use case. I am hoping to get some answers/guidance for the same.

Firewalls : PA-820/850 as well VM-300

PAN OS : 9.1.13-h3/9.1.9

I have ins

Some users have pre-populated usernames in global protect VPN client

Hi all,

I was wondering if anyone else has seen this.  There are about 3 users that I know of that are having user credentials pre-populated in global protect that are incorrect for the VPN login.  We can't seem to clear this, and even if we do a res

Palo Alto content apps update 700 800 compatibility 8.0.X

Palo Alto content update 700-800 compatibility 8.0.X

Hello good evening, thanks as always for your support, we have the following case:

-A device firewall version 8.0.X was manually installed a content update of Apps, current version 8563-7374.

-After t

Cannot log into firewall if authentication profile specifies an AD group instead of AD username

So last Thursday we upgraded our PA-5220s from 9.1.10 to 10.1.5-h1 and everything went incredibly well - absolutely no issues during the upgrade. About 15 hours after the upgrade was complete, we suddenly could not log onto the firewalls with our LDA

PAN-OS 10.2 : filter incoming OSPF routes

Hi,

We are trying to setup OSPFv2 between a PA-5220 in 10.2 and a Cisco ACI Fabric with "Advanced Routing" enabled.

For now, we are able to advertise routes to our ACI Fabric, we can filter outgoing advertisement but we are unable to filter incoming r