Captive portal SSL decryption policy requirement

Hi,

PAN has the following document [1] which says you need to have SSL decryption in order to redirect SSL pages to captive portal.

To me it doesn't seem to be accurate. Response page [2] workaround seems to be doing the same i.e without having an SSL

CRL Distribution Point (CDP) Config

Is there a place in the PAN-OS to configure the CDP address or does it only learn it from the certificate? We have a new CDP we are testing and have added it's IP to our cert but the firewall is not attempting to contact it, only the second one. Is t

LEEF Format

Dear Team,

Appreciate your feedback as we facing challenges with LEEF format when we configure a Syslog server with a custom log to allow integration with the Qradar SIM solution.

We use the same format as mentioned on the IBM website below,

http

Dual ISP Global Protect Redundancy

Hi Team, 

I hope ye all are well. We recently worked a case for a customer that had dual ISP configuration and wanted the Palo Alto Networks device to provide redundancy for the Global Protect Portal and Gateways in the event one ISP went down. We ca

ESA | ELA When license price is increasing

Dears,

If we get an ESA / ELA let's say for 3 years, we pay the hardware, and then we would pay an initial price for support and licenses. Next, If the list price of support and /or licenses increase during these 3 years, and then we buy more hardwar

Where can I find my Customer ID or Sales Order Number to register an account?

I am trying to setup an account to create a case.  I have my serial number, but not the customer ID or sales order.  Since one of these are required in the registration process, I am not able to open a case.  I do have access to my paloalto unit onli

Error Handling in Custom Playbooks

Hello all,

To handle with different types of playbooks and tasks, is there any implementation method or best practice guide to identify errors in playbooks. If a task or subplaybook stucks in main playbook I want to get informed about it and handle

Nuevas ISO 27001, 27005 y 27005

Como las nuevas versiones de las los estándares ISO 27000 se integran en la realidad de la seguridad de la información, y como se llevaría mejor su implementación?

#ISO27000

#ISO27001 

#ISO27002

#ISO27005

Entering a Support ticket

Block SSH traffic

We are using PA 5250 firewalls. We are not using decryption on it.

Now, we want to filter the ssh traffic satisfying all these 2 conditions:

C1) Allow access to  *.mywebsite.com  for ssh traffic AND allow file download upload

C2) Allow access to ab

description update in security rules via Panorama CLI

Hi Team,

i was trying to update description on existing multiple security rules via Panorama cli. but found that if i add description via cli it just simply replace the whole existing description.

So, is there any way to add/update the description wi

Error while committing changes

Hi Team,

Getting the below error while committing the changes. I read an article where it says it might be due to memory issue so rebooted the device and checked but still the same issue. Could you please suggest as soon as possible.

DLP Configuratio