URL blocking Web Advertisements with exceptions?

When i set our URL filter to block category 'web advertisements' it works as expected. However, it also blocks many of the results of Google and Bing searches. I understand that is because the results in question are web advertisements, strictly spea

Internal Host detection - Needed refresh connections in some devices

Hi,

We enabled "Host internal detection" because user in company complanining about GP was taking the cursor. After configurin "Internal host detection" the GP stop taking the cursor but there are some users which its necessary to  "Refresh connectio

Please help clarify about action of DoS protection policy.

We understand DoS protection works when we set action Protect.

We need to know the benefits to setting action Allow and Deny.

Because we think that option is the same as normal security policy.

Thank you.

TS Agent is not working

I have installed TS Agent v10.0.0 software (x64 bit) on a Windows server in a Citrix environment. I have also configured on the Firewall the IP address of the TS Agent Server, 

I have allowed the firewall policies to grant access from Firewall to TS

PANOS 10.1.2 TACACS stops responding - needed reboot

I have an issue I was hoping to get some feedback on.  I manage 27 different Palos and also Panorama.  I have one FW that stops responding to the 2FA setup with TACACS+.  All the devices are the same configs and all running 10.1.2 code.  A simple reb

Palo Alto admin UI single sign on with Okta

Configured the Panorama SAML authentication for Admin UI SSO integration with Okta.

I followed the Okta/Palo Alto single sign on setup instruction. Here SP(Palo Alto) will initiate the SSO and Okta will acts as an IDP.

https://saml-doc.okta.com/SAML_Do

Nat out to internet with overlapping subnets in two separate virtual routers

Below is an example diagram of my scenario.  We have a subnet that is part of our production network, and then we have the same overlapping subnet for testing and disaster recovery which exists in a separate virtual router.  I've oversimplified the d

Panorama VM - Decrease Size

Hi Community,

I got a customer who has a VM Panorama with 1 TiB of local storage.

Now we have a SIEM solution installed, where the long-duration logs are stored, so the Panorama disk storage is oversized now.

I know there's a guide to add disk space t

GloablProtect WFH Split Tunnel Domain-Include issue

this semi coincides with the zoom discussion  

I've setup Split tunnel and added a bunch of domains *.whatever.com into the split tunnel include domain tab. This works half the time and the other half not at all. I've tested on mac and windows. 

I'm al