Doubt with Subordinate-CA Cert in PA firewall

Doubt with Subordinate-CA Cert in PA firewall

Good evening, for issues related to for example decrypt as we need a certificate type CA, we can generate a certificate Subordinate-Ca from for example our CA server enterprise windows, import in our Pa

change site access and user cred submission

Hello,

Is there an easy way to change site access and user cred submission actions (from say allow to block) for a url category on a bunch of url filters at once?

- Jisha

twistlock.sh onebox failure

The following warnings are reported when executing "twistlock.sh -s onebox"

WARNING: You're not using the default seccomp profile
WARNING: IPv4 forwarding is disabled
WARNING: bridge-nf-call-iptables is disabled
WARNING: bridge-nf-call-ip6tables is disa

IP Geolocation with Anycast IP addresses

Hi there,

I am wondering how geolocation is working with IP addresses where anycast is used.

Anycast addresses are shared by multiple server, typically with different locations.

How is such an address assigned to a particular country/region in th

Proxy IDs, NAT and IPSec VPNs

Hello,

When using IPSec Tunnels with Proxy IDs with NAT to hide source traffic, should the Proxy IDs be set to  the Hide NAT IPs and destinations or the original source and destinations?

Thanks & regards

How to find IP address of user connecting to GlobalProtect VPN

Hi, 

can someone tell me how to find the home IP address of a user who has connected to GlobalProtect?

I want to be able to audit GlobalProtect connections to ensure that they are coming from the actual home network of the user rather than from the I

Can't log into Panorama after changing to Panorama Mode

Our Panorama VM was operating in legacy mode due to under provisioning when it was deployed. I recently had its resources increased to the Panorama Mode minimums and activated Panorama mode using "request system system-mode panorama". Everything seem

After fresh install 10.1.6 dns wont work Panorama

Hi guys,
did anybody get the same issue like me. After a fresh install of Panorama 10.1.6, dns wont work. I troubleshoot this for a while and find out that panorama not even yet request the dns. I read the Adressed/Known issue couple times but never f

API query from panorama to get IPsec tunnel data

API query from panorama to get IPsec tunnel data

tried the following queries:
http(s)://hostname/api/?type=op&cmd=<show><running><tunnel><flow><all></all></flow></tunnel></running></show>&key=<generated-key>
https://IP//restapi/v10.0/Network/IPSecTunnel

DNS Resolution stops after ~10s after connecting with GlobalProtect

Hello...

Many of my end users are now reporting that after approximately 10 minutes of logging to VPN using the GlobalProtect client they lose DHS resolution to internal and external resources. For example, when this happens. Users cannot access or ev

ACC is not loading post upgrading to 8.1.23

ACC is not displaying any data, it shows as "in progress". Recently Panorama and managed firewalls are upgraded to 8.1.23 post upgrade we ran into this issue. Tried restarting the management server but it didn't helped. Shall I try restarting the dat

Possible to remove/deactivate my vm-series license which the firewall is offline/unreachable?

My old vm firewall is no longer in used and not connected anymore.

Is it possible to re-use the license key on another firewall without perform the deactivation on the VM itself (because it has been disconnected and removed already)?

I tried to use

TCP 443 Web Server Allows Password Auto-Completion

Hello dear community, good afternoon:

Please your support: I tell you about an "X" vendor vulnerability scan tool, I detect the following vuln against the IP of the MGT WEB-GUI of the Firewall.

Problem,inconvenience, vulnerability against the WEB-G

Tracing external IPs back to internal IPs at a specific moment in time...

In the course of tracking down security vulnerabilities, I find myself trying to trace External IPs (from external security scan reports) back to Internal IPs at a specific moment in time (the timestamp from the scan report). Most of the time, it's v