Audit Global protect server

Hi,

We launched a sslab test for a GlobalProtect Portal website. Our note is B. We would like to improve these two things but we dont know what it can be done in PA config. These are:

routed-config-p2-failed

Hi All,

I am trying to add new interface to the ospf and pushing the configuration from Panorama to firewall, But I am getting the below error while commiting "client routed phase 2 failure", Commit on secondary firewall is succeeding. Issue is onl

ACC-SSL Activities

ACC-SSL Activities

'ssl/tls
other'
What means?

PAN-OS 10.2 on PA-220

Hi All,

I was just wondering if anybody had any experience of 10.2 on PA-220 I am thinking of upgrading and haven't heard anything concrete either way.

As always thanks in advance for any help.

How to change the Vsys ID in palo alto

Hi Team,

I have already configured the Vsys ID 15. Now I want to chnage this Vsys ID to 2. Is this possible ?

Please help me here

XDR Agent Disabled

I've installed a XDR agent to a workstation, and it's not connecting to the server. I've installed the  it on different workstations and that's working fine. After the installation the agent never connected to the server and showing it's disabled. Wh

panorama scp export more command?

It is linked to equipment A, B, C, D in the panorama.

I want to extract only the traffic log for equipment A.

  ↓ ↓ ↓ ↓ ↓ ↓ The above command extracts all A, B, C, D traffic logs. ↓ ↓ ↓ ↓ ↓ ↓ ↓

scp export log traffic start-time equal 2014/05/16@1

[ICMP Covert Channel] Allow only ICMP Ping packet that has specific payload.

Dear all,

I am using PA-8.0.0-ESXi virtual machine and I am trying to prevent covert channel communication using ICMP Payload.

For example, as captured using Wireshark, the default ICMP type 8 (Echo request) for Windows machine is abcdefghijklmnopqrs

block IP's in same zone

Is it possible or practical to block traffic between two server in the same firewall zone by designating the source IP from the server you want to block access to the server to the destination server indicated by IP

Masscan Detection

Anyone knows how Palo detect Masscan? 

Palo Alto User Agent ID Services Failing intermittently

We have 2 User ID agents on 2 different windows servers. Both User-ID agents' services are getting hung up and requiring manual intervention of services being stopped and started after couple of days. The issue has progressively been getting worse as

Help License required for SD-WAN to function

The license has been applied to use the feature, but the following statement appears.

only one SD-WAN license.

 There is no communication problem with the updates.paloaltonetworks.com server.

Discard UDP from Paloalto Session TImeout

Hello all,

Recently, customers are experiencing a phenomenon that Syslog traffic coming into the same source port remains in the Discarded Deny Session.

As a result of my checking, it was confirmed that it occurred while being constantly refreshed

PA440 not booting

Hi everyone,

I have a problem after rebooting a PA440. The device simply puts a message on the console that no bootable media has been found and then shows a BIOS-like menu with several entries (boot manager, system setup etc.). However, if I select