Fun with MS Office 365

Hello Community,

Has anyone found a way to allow access to a corp instance in o365 but block all other access? The idea would be so that a corp user can log into the corps instance, however block access to another companies or even personal instance.

Double NAT return packet dropping in firewall

Can anyone help point out if I am missing something obvious here.... I have a new vendor over an AmazonAWS VPN that I have to double NAT inbound traffic for (because they are using IP ranges that clash with our existing network and best practices, i.

IOT Policy Set creation ability missing?

Why is it that on some devices I am able to click and create policy (highlighted blue), but others like the Lenovo computer, or Dell Computer profiles I am unable to click and create a policy for them from the profiles page?  Seems to be related to d

URL Filtering > Advanced URL Filtering

Hi,

With legacy URL filtering no longer available we've renewed our subs with Advanced URL Filtering instead.

The license for this appeared in the support portal but did not come down to the firewall itself (still showing the legacy sub which expires i

Fail-over VPN site-to-site

Hi,

We have a PA with two VPNs configured. VPN-Main is the active one and if this vpn falls, the traffic must go through the other VPN-backup. The fact is that when the active VPN falls, the route that has the Palo Alto continues going through the pr

Globalprotect Certificate Pop-up sometimes?

When connecting to globalprotect, using MFA, sometimes after login there is a certificate popup that details the GP certificate.  You have to click ok or cancel. 

Anyone know what the deal is with this? It's not consistent, and it's not an error, but

How can I see which user access what website

Hi,

I'm currently managing a PA-220 and have setup URL-filtering.

I can see which IP-addresses that tries to access the blocked websites.

Is there any possibility to resolve/match this IP-address to our DHCP server to see exactly which mac/computer it

Unknow email address suffixed on PA Syslog

Few emails are neither registered nor getting suffixed from the Splunk SIEM solution.

A TCP dump from the server to identify whether the logs with the email address abcdef@123.com are coming directly from the PA firewall shows that those are from the

Requiring a certificate for security policy to control access

I have been tasked to lock down access to our devops environment for developers over VPN. Developers using non-corporate assigned assets (workstations & laptops) will only be allowed access to their desktop workstations in-house over RDP. Developers

How to allow VMware Workstation created VM's to work on physical PA-820?

Hi,

My home setup includes PC with multiple NIC's and a VMware Workstation that has my virtual lab (Windows domain controller, 5 ESXi  7 hosts, VCSA and some other stuff) This is licenced via VMUG programme.

My main PC goes through one of NIC's direct