test policy match cli tool returns nothing. what does that mean?
It should match some policy right ?
Does that mean it matches one of the default policies?
Hi, I'm noticing a weird behaviour with default security rules "intrazone-default" and "interzone-default":
Running PANOS-10.0.9. In GP Network>GlobalProtect>Portals
Under App -Resolve All FQDNs using DNS servers assigned to by the tunnel(Windows Only) is Yes by default.
I cant see these dns logs in Traffic logs?
Good afternoon,
I'm trying to understand the behavior of the global protect client as it pertains to session expirations. I'm getting a message "remove previous user" message. I'm trying to determine what that means as I'm used to seeing the "user
...
I have added the URL to the exception list with no luck. Any suggestions?
C:\Users\Steven Williams\AppData\Local\Programs\Python\Python38>pip install Flask-SQLAlchemy
WARNING: Retrying (Retry(total=4, connect=None, read=None, redirect=None, status=Non
Hi ,
I have searched the available articles, I couldn't find a proper solution perhaps LIVE member could help me on this
There's online learning platform which I need to allow all videos from this site, the training videos are embedded with Youtube l
...
Hi Folks,
We have an PA-3050 firewall with 5 vsys. Today we had faced an strange issue where the installation of new App and Threat updates are being failed with the error :
Error: Error serializing profile objects failed to handle CONFIG_UPDATE_STAR
...
webserver service in palo alto stopping after certificate renewal and trying to access GUI. CLI is working. Tried restarting webserver service and management plane. But its stopping as soon as we try to access GUI and unable to access
Hi Team,
Can we enable captive portal for the known users ?
Like for internal users.
We are currently managing Global Protect clients installation manually on the systems. So there any better way to manage the GP agent push and updates?
Hello,
Recently we have started working on enabling email alerts for our Palo Alto firewalls. One of the alert is for interface and HA status change alerts. Could you please let me know what can I do to enable same? Do I need any external tool for it
...
Dear Team,
When the firewall checks the policy, the Vulnerability protection profile is displayed as an Exclamation mark.
The OS is using 10.0.4.
I searched all bug-ids from 10.0 to 10.2, but couldn't find anything matching the symptom.
If y
...
Hi All,
Are Tenable vulnerability scans (see below) on Palo Alto firewalls / Panorama resource intensive for the PA devices? Does this cause high DP or MP issues?
https://community.tenable.com/s/article/How-to-perform-a-compliance-scan-on-a-Palo-
...
I've added a VM PAN to allow more Global Protect connections. It's working well for my cert based GP users.
In the example below GP connects to 5.5.5.5, the 3220 PAN NATs that to an address on its DMZ 10.100.100.10
and the tunnels for like a champ. Th
...
Dear Team,
I have a question while checking the traffic log.
In general, we know that each id is created when the session is created.
However, the http/2 connection session id is identified as the same id.
I know that when the session id is input acc
...
reaper
on:
What does ch mean in PA-VM-OS Software?
OtakarKlier
on:
PCNSE Bootcamp
reaper
on:
Version 11.0 or 11.1?
