FW has stopped recognizing several users and does not map them with the corresponding domain group, so it does not apply the necessary policies.

PXE boot not working through FW

Hi all,

I have a FW with PanOS 9.1.7 that is causing PXE boot issues with TFTP protocol.

When traffic is not routed through the firewall it all works and I have seen several threads about this problem but no solution.

DHCP server: Windows Server 2012 R

PA equivalent of ASA packet tracer?

One of the more useful features in troubleshooting on the PIX/ASA (which we used until recently) is the packet tracer, which allows us to enter source/destination IP/port, etc and check to see if a given connection is allowed or blocked, and by which

SSL Decryption Issues - MacOS Big Sur 11.2.3

We have had SSL decryption configured since we deployed Palo Alto firewalls and it works with little issue on our Windows OS platforms. We have a new project to deploy a few MacOS clients as the application development team requires the ability to te

How long time will need to prepar the PCNSA

Hi everyone

 I would like to prepare the certification  PCNSA.

My idea is to pay the tax exam as soon as posible will make force me to study the exam. I would like to know how many hours and time will need for I am going to the exam.

Regards

PA Destination NAT

I have a use-case that all subnets/VLANs should be able to access the server (192.168.4.4) via HTTP using the loopback IP address 192.168.6.2/32.

The PA firewall is the gateway for all the VLANs. I would like to confirm if this is possible? The sourc

application

Guys, good afternoon.

I have a very confusing problem, I try to access a certain "HTTP" site and I get an error (It is not possible to access that site), we perform a test outside our network and the access is done normally.

Analyzing the LOGS, I fo

User-ID only tags IPv4 or IPv6 address in dual stack

I've got the User-ID agent installed on three servers and I've recently began enabling IPv6 internally and I've noticed a problem.  The traffic logs in Palo Alto only associate either the IPv4 address or IPv6 address of a machine with a username depe

Getting the SpeedTest.net servers with MineMeld

This is less a question needing an answer and more a "so you don't have to go through my pain" type of post.

I was having a problem with SpeedTest.net where the suggestion of a server for testing was taking over a minute to appear after the rest of t

Would minemeld also work for Windows and MAC Updates?

Hi, I just came across minemeld when searching for excluding Windows and Mac Updates from the Palo Alto VPN.

We are experiencing a lot of problems when trying to exclude the updates from the VPN.
We already excluded a lot of domains but unfortunately

can MineMeld be installed on ubuntu 20.04?

I'm getting this error, how do i get around it?

$ sudo apt install -o Dpkg::Options::="--force-overwrite" -y minemeld
Reading package lists... Done
Building dependency tree
Reading state information... Done
Some packages could not be installed. This m