Did you know that you can help your fellow community members by accepting solutions when a reply answers your question Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature
...
Hi all,
First I'm going to explain the use case I'm working on.
I have the MISP integration working properly. Every day I download the new attributes and publish them in a list to be consumed later by different sources.
This is our configuration
...
I am fairly new to Palo Alto so please forgive me for asking dumb question. With respect to backing up config before upgrade, if I save it as 'mybackup.xml' and something goes wrong with upgrade and I import it back in to restore, does the Palo Alto
...
I have a simple virtual wire installation here, just testing policies. I have a policy that is:
source: inside
destination: outside
application: any
service: application default
I attempted to connect to gmail through Outlook with IMAP and was being bl
...
Good afternoon, please support, I need to configure and limit the bandwidth of the Internet output of a pair of networks coming from a LAN Trust interface.
-Interface 1/1 is the outgoing WAN interface to the Internet.
-The segments 10.79.25.0/24 and 1
...
Hi,
Can anyone suggest on how to customize the email format of Palo Alto when log forwarding was configured and logs were sent using SMTP?
Hi ,
How can I allow multiple Diffie-Hellman (DH) group in IKE & IPSec profile while creating a VPN
What is the maximum limit on the number of lines to return? can it be increased?
I authenticated fine on the globalprotect portal but then I get this erro "globalprotect client could not connect to gateway. Please contact you IT administrator" Any ideas
Hello,
I want o start setting using Decryption Policy, to Decrypt & Intercept SSL (443) traffic from users when connecting to Internet.
I am wondering, can I use one of the well known Certificate Trusted, e.g., Global Sign by installing it on the Pal
...
I have IP spoofing protection enabled on PaloAlto but it is not effective due to the following reason:
My external Interface IP is 1.2.3.1/24 . The spoofed attacks are coming from a fictitious source IP for e.g. 1.2.3.25 destined to 1.2.3.50(web serv
...
I am unable to find the User group under user column in the Firewall Policy Tab and i see that the User Id agents are connected to the Firewall but when i do the same Search under the Group Inclusion List i see the Group in that Tab. I was wondering
...
I have seen for example on a small firewall when the customer enables SSL decryption that the counters for work groups "ecdhe_key_gen", "flow_host " etc. jump. This may show that the firewall can't handle the ssl decryption or that there is an SSL DD
...
Dear community,
We have a firewall with multi-vsys and the following scenario:
1 shared gateway and 1 public IP on external zone
1 virtual system and 1 private IP on internal zone
We configured DNAT to allow access to private IP from Internet followi
...
Hello,
I have configured a new Security Rule on top (#9 in the picture down) to Block traffic intended to a Custom URL configured in the profile Block_Files
* TOP RULE *
2 firewalls configured with HA active/passive, And enabled preempt on both of firewalls
Everythings find, can synchronize configuration and session
firewall-A is active-firewall with priority 100
firewall-B is passive-firewall with priority 120
HA timer
...
reaper
on:
Tunnel Monitoring
reaper
on:
Global Protect need to ask for password all time we connect
reaper
on:
GlobalProtect Android version 13 issue
