Hello!
I'm studying the PCNSA, may I ask you a question about a security policy?
The "it" group in that policy could be a Radius group imported on the FW?
Or could be a way to map users to group?
PS:
it would be very useful if Palo Alto offered a free
...
We've been trying to redirect the decrypted port mirror traffic to a remote sever in the network.
If we plug a notebook into the decrytp port mirror of Palo Alto, we see all the decrypted traffic in Wireshark.
So, we tried to connect PA port into a swi
...
Hi all,
I'm confused as to what the difference is between the "VLAN" tab under "Interfaces" in "Network and the "VLANs" section in the sidebar in "Network"? My goal is to create a couple of different VLANs for a network where certain traffic has to b
...
We are told that the clientless apps only works with HTTP/HTTPS based apps, and therefore we cannot use it to allow MS remote desktop.
This is the problem I am trying to solve. Our users currently use their own computers at home. They connect to the
...
I am having an issue with logging into globalconnect. When I click on the icon to open the link instead of showing the login page this Microsoft account Login appears instead.
if I try and login it tell me the information is incorrect and won’t conti
...
Hi Team,
I am planning to create new vysys on firewall which already managed by panorama.
In this case if i enable it from panorama and push the configurations to local firewall will create automatic device group and templet will be crated are do i n
...
Hi Team,
I am trying to create a Dynamic user group using Log settings for HIP logs by the following procedure,
1- created one Tag
2- Configured log settings for HIP log for build in action tagging the source user with the tag created before
3- created
Hello!
I'm new in the Palo Alto world, so I'm sorry if the question is too easy but I didn't understand which type of configuration contains in-progress changes. Should be the candidate one, right?
Thank you
Ale
Hello all,
we have configuration with dual ISP.
From the 1st provider we get public IP directly on the PA
2nd provider is with nat, i mean on PA we have private IP.
When the route goes through the 1st one everything works fine.
When we switch to the 2nd
...
Hello to All,
How can for example the log fil brdagent.log be exported for checking physical issues like in article https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000PNcBCAW&lang=en_US%E2%80%A9 or is there a way export all
...
I've got a user that uses keyboard maestro (an application) to run macros for software development. The issue is that keyboard maestro requires secure input (Mac OSX feature) to be disabled to be able to run. GlobalProtect since it starts as a servic
...
We recently got shipped 2 new PAN-PA-3220 and both of them were DOA.
ing PAN Software: 2021-03-10 21:02:39.170 -0800 Error: sysd_construct_sync_importer(sysd_sync.c:358): sysd_sync_register() failed: (111) Unknown error code
2021-03-10 21:02:40.170 -0
Hello,
I tried to search online a lot but I could not find what exactly are the contents of tech support file are that we occassionaly download and send to tech support for support.
Could someone please throw some light on what exact information is d
...
Is there an way to monitor if\when internet connectivity is lost on an interface on Palo 5220? We are trying to determine if our internet connection is going down occasionally (for just minute or less), but not finding anything on the Palo to indica
...
Hi all,
Anyone have update relate to "HAFNIUM targeting Exchange Servers with 0-day exploits", I don't search any information relate to this nofication:
https://www.microsoft.com/security/blog/2021/03/02/hafnium-targeting-exchange-servers/
Our customer
...
OtakarKlier
on:
Understanding URL Filtering security profiles vs Rule Action
OtakarKlier
on:
Qualys scanner blocked
OtakarKlier
on:
Split-tunnel not working properly
OtakarKlier
on:
Palo HA with LACP to Cisco Stack Switch
aleksandar.asta
BPry
on:
how to block facebook and instagram on mobile
