Cannot block theoxymoron.xyz

Hello, I have been trying to block the site theoxymoron.xyz but can not get it to block.  I have tried URL filtering with many different versions of the URL as well as blocking the IP addresses for the site, neither of which worked for me.  We do not

Stuck in a customer support loop

I'm trying to setup my PA-220 to use the AIOps and need to login into the Palo Alto customer support portal.  I have not logged in for a long time, but when I use the account associated with my device, it tells me "Unable to sign in".  Trying forgot

Montioring DHCP with ManageEngine

Hello all.  We are demoing ManageEngine's OpUtils which advertises it can monitor Palo Alto DHCP scopes.  I have it connecting to one of our palos via Web API credentials just fine, it just doesnt return any data about the DHCP that is configured.  I

Self Signed Certificate for GlobalProtect VPN

Hello All!

We are having an issue regarding the Palo self-signed certificates.

As suggested without 3rd party paid certificate we are using a self signed CA and a certi issued by the CA.

(added to the proper ssl/tls service profile)

But the vpn portal

DNS Security Logging PAN-OS 9.1

Firewalls with DNS Security enabled and working in PAN-OS 9.1 logs are not visible in AIOps DNS Security (Activity:Dashboards > DNS Security - View all DNS Requests).  How to ensure firewalls and Panorama are properly configured and log data is reach

System error "Retrieving Content "IOT" info failed"-Panorama

Hi Team

Anyway, one having any idea about the below error

'Retrieving Content 'IOT' info failed'

Error getting on Panorama however, the customer not having any  IOT license.

Please find the attached snap shot of the error.

Regards

Roney R

PAN and intermediate CAs

Last couple of days I've had quite a few cases where I had to manually add intermediate CAs as a Trusted Root CA in order for decryption to work (for customers blocking untrusted CAs already on firewall).

These are quite well known intermediate CAs

SCP Export Error PanOS 10.2

Hello everybody!

It appears that PanOS 10.2 has the ability to export Software.  However, I'm receiving the following error when attempting to do so.

For reference, I am attempting to do this from Panorama.  The scheduled config export to the sa

Highlight Unused Rules Option - Missing

Hi,

We have multiple 'Admin Roles' setup and we have noticed the 'Highlight Unused Rules' tick box at the bottom on the policies page is missing.

What permission am i missing to allow this?

PA 5220 (PAN OS 8.1.10) Active / Active not synching tftp traffic in asymmetric routing scenario

Hi Experts,

I have the following scenario: a pair of PA 5220 (running pan os 8.1.10) in an ACTIVE / ACTIVE Setup (session owner 1st Packter - session setup 1st Packet) -We have been running Active / Active since roughtly 2 Years now without any signif

SSO Error when Accessing KB or Supportcases Portal

Hello all,

Recently (these two weeks) I have encountered SSO Error when browsing to KB & Support Case pages which I don't have such issue before.

https://knowledgebase.paloaltonetworks.com/

https://supportcases.paloaltonetworks.com/_nc_external/i

Captive portal SSL decryption policy requirement

Hi,

PAN has the following document [1] which says you need to have SSL decryption in order to redirect SSL pages to captive portal.

To me it doesn't seem to be accurate. Response page [2] workaround seems to be doing the same i.e without having an SSL

CRL Distribution Point (CDP) Config

Is there a place in the PAN-OS to configure the CDP address or does it only learn it from the certificate? We have a new CDP we are testing and have added it's IP to our cert but the firewall is not attempting to contact it, only the second one. Is t