Iinux smart cards supported for globalprotect 2fa authentication?

Dear community!

I have a quick question:

Dos globalprotect support 2fa authentication with Linux smart cards?

Thank you!

Alert on Policy Rule Modification

Hello Everybody,

I would like to know if there is a possibility to be alerted in case of modification of a rule.
For example: if a rule is modified, an email is automatically sent to a specific person

Thank you

Valentino

GWLB AWS - HA what to do if both appliances go down?

We are deploying two PA on AWS using GWLB and we are wondering what would happen if for any reason both aplliances go down , since all traffic (inbound , outbound and inter-vpc) is going through the FWs , do you know a quick bypass or fail-open solut

management interface & service route configuration

Hello
I am new in palo alto, I did a self-training
I would like to have more details about the relation between the management interface and the service route configuration
I have a little bit stuck on when to use the route configuration service
I think

Azure Tag in Security policies

Hi There,

How we could create dynamic security policies from Azure tag. In the Azure Market place I do see this statement.
"policies that are dynamically updated based on Azure tags assigned to workloads, allowing you to reduce the attack surface are

Session end reason: tcp-fin and aged-out?

Hi all,

I am using PA-850. I am having the problem. sometimes the internet is blocked. and I see in the monitor, the sesson end is: tcp-fin and aged-out. but after refresh some times, then I can access to internet.

Please help to advise how to fix it

How to remove log forwarding from syslog

Hi All,

I want know to how to remove traffic log from log forwarding?

Migration from 5250HA to 3250HA

Hi Everyone

We plan to migrate 5250HA to 3250HA. See if anyone has past experience.

5250HA Policy and objects tab are managed by Panorama, All rest is still on local. Main change is interface on 5200.e.g internet or DMZ zone includes 1G and 10G inter

dual catergory url checking

hello community.

I notice that this site https://www.pokmi.com/ is in dual category for Adult and catagory low Risk.

I made an url filtering rules that allow low risk category but that block adult category.

when I apply this rules to my traffic I hav

inter-compatibility

Hi All,

PA3020 and PA200 are used to form an IPSEC tunnel. Would there be any compatibility issue if we upgrade PA3020 to PANOS 9.1.12-h4 while keeping PA200 on PANOS 8.1.21?

Any known issues if we upgrade PA3020 to PanOS 9.1.12-h4? PA3020 Current Pan

Clientless VPN oracle app is not working.

Dear Team,

I have configured a clientless VPN. when I open a portal and launch the oracle app it is not working getting the below error:-

Troubleshooting:-

 - I have checked, I can open the same oracle application by an internal network. (Traffic is

SSL decryption - Connection is not Private

Hi Team,

I am configuring SSL decryption on Palo Alto using a self-signed CA. I have created two certificates, one for forward trust and second for forward untrust. I have installed the forward trust certificate into the trusted root CA of the machine