A way to correlate the logs for DNS Sinkhole?

Dear and valuable Live Community Members,

One of our customers came to us with some questions in regard to the issues he is facing to correlate the logs for DNS Sinkhole, and we are wondering if there is a solution to it.

The customer currently h

RMA replacement

Hi All,

We will doing a RMA replacement for PA-3220. The faulty unit is cannot access anymore from GUI or CLI and it's managed from Panorama. We only have the backup configuration and not the device state. So, what we should?

1)Do we replace the fa

Public Cloud Server certificate validation failed. Dest Addr panos.wildfire.paloaltonetworks.com

We received following alert:

-----

domain: 1

...

eventid: tls-X509-validation-failed
object:
fmt: 0
id: 0
module: general
severity: high
opaque: Public Cloud Server certificate validation failed. Dest Addr: panos.wildfire.paloaltonetworks.com, Reason: unable t

RFC1918

Basic trust to untrust policy I see internal address sending snmp to addresses like 10.0.0.1, 192.168.1.x.

Do people create a policy to block internal traffic going to RFC1918 on the untrusted interface?

Using Radius Authentication Peap-MSCHAPv2 for PA Management Interface Error: 400

Hi Guys, 

I was trying to add Peap-MSchapV2 for our Radius Authentication for Management Interface. 

I configured Radius Server Profile with PAP with Windows NPS, seems everything is working fine. And then I generate a new Certificate Signing req

How to set 2FA to local superuser

Prerequisites

Currently,  user has two admin accounts.

1. Default local admin account(Superuser)
2. New local admin account synchronized with Cisco Duo(Superuser)

End user has to consider how to treat “Default local admin account”.

As a result of considerat

Config Change Tracking

Looking for suggestions of how others track config changes: who made the change and what changed; similar to config audit but for every change made over time. The goal is training and accountability.

I’m aware of Rancid, which may or may not work a

MS-SQL Issues with 8656-7766 Dynamic Update? Citrix-Director seems to have broken it

No "Apps Seen" / Policy Optimizer data on Panorama

Hi,

We have a new deployment of Panorama using Datalake storage.

Log data from the firewalls is successfully coming through to Panorama, however, there is no "Apps Seen" or info shown for apps under Policy Optimizer.

Rule Usage data is available, and

Management interface dropping packets

Hi,

My monitoring system is detecting packet loss on my panorama device. When pinging the DG there is no packet loss. When checked the interface stats on the cli I can see the below.

admin@MANPANORAMA01(primary-active)> show interface management

--

Is the IP on any EDL?

Is there any place that I can put in an IP address and see if it is on an external dynamic list somewhere?  Going to this site:https://docs.paloaltonetworks.com/resources/edl-hosting-service and clicking around hoping to hit the right one (such as Az

How to implement BGP and eBGP on Palo

Hi,

I am migrating WatchGuard to Palo and there seems to be a lot more configuration options on the Palo. 

WatchGuard configuration is below. What is the best way to configure this within Palo?

Where is the option to set default-originate?

router

compatibility  error while installing cortex xdr agent in windows 7 ver 6.1

While installing cortex agent in windows 7 ver 6.1 getting compatibility error

Checked windows 7 version was 6.1 64bit operating system

Checked all the windows patches

checked .Net Framework is enabled

have tried installing older version as well as n

What expression to use to block/permit an entire website?

I'm having trouble figuring out what expression to use(in a Custom URL Category) to match any variation of HTTP requests for an entire website.  For example, I want a single expression to be able to match/block/permit the following HTTP requests...

• e