General Topics

Device certificate is not renewing automatically

Hi all, hoping someone may be able to assist with an issue.

We are seeing that every 3 months our PA device certificate is expiring which causes issues fetching updates from various cloud services (URL filtering, wildfire, update server etc).

Upo

URL Filtering - Counter Termism Internet Referral Unit (CTIRU)

Hi All.

First post so hopefully in the right place.

We are using our 3220s for url filtering in our school.  I have been asked to check if our filtering is including content from the UK CTIRU database.  We make use of the Extremism category as part o

Thermal Temperature Sensors PA5050 - 5250 - show system environmentals

Hello, good afternoon

I hope you are all well.

I have a question regarding the command output: show system environmentals

In the ----Thermal---- section the following appears:

PA-5050:
----Thermal----
Slot Description Alarm Degrees C Min C Max C
S

Looking for CLI command to view status of URL Admin Override Timeout

Looking for CLI command to view status of URL Admin Override Timeout, could someone please help me on this.

cli command to capture accepted traffic and dropped traffic.

Can someone help me with command to capture accepted and dropped traffic through cli or through webui interface of firewall.

I tried command show log traffic dst/src/sport/dport   but looks like show log traffic in general does not provide good info.

H

PaloAlto Firewall CLI partial commit by object-xpaths

Hello,

I`m trying to include only single object into commit.

Web interface allows to exclude objects from commit:

On the first glance looks like CLI could provide such option:

USER@Device# commit partial
+ description Enter commit description
+ dev

Palo VM randomly stops forwarding traffic

Hi all,

I have a new Palo Alto VM-100 running in Proof of concept on version 9.0.2-h4

I'm using a virtual wire to protect servers against all kinds of attacks, malware etc

Yesterday evening for the first time, everything behind the firewall went down.

PCNSE Cyber Security Practice Lab

I am preparing for the PCNSE.  The link to the CyberSecurity Practice Lab does not work.  Can someone point me to the new location or an updated link?

Thank you

DHCP WAN nat to loopback interface for restricted management

Greetings!

Running Pan OS 10.2.3-h2

Is it possible the have DHCP on the WAN interface, Nat inbound traffic to a loopback interface that allows management?

The inbound security policy would restrict access based on set of FQDNs

Is there a way to see how many Address objects/groups I have?

Hello, all.

I'm trying to determine how many address objects and object groups I have across all of my VSYS on one of my platforms. I found the command to show the maximum allowed (see below), but not one that shows how many are currently there.

Is t