TCP 3 way handshake success (telnet) but data doesnt flow through

Information
Source : 10.1.1.1
Destination (example) 202.181.200.188
Destination Port : 8443

Client is running on port based firewall

Issue (Technical not an issue just the firewall behavior) :

3 way hand shake success which mean telnet port 8443 is succes

Does HA2 link failure trigger failover

Hi,

I've got firewalls in active/standby mode and  preemptive is not enabled. HA2 link flapped for around 12:47 PM  GMT and link was up at 12:52 PM GMT

Model : 5060

Active/Passive PA with Dual ISP in eBGP and private owned /24 ASN

Hi,

Looking for some guidance on our setup. I am looking to establish pure ISP failover without having to take action on my / my team's side. Presently when there is an outage, we need to do manual intervention to get connectivity back up.

Here is an

multicast test

PA is using cisco switch as external RP. Over a system I start the stream on VLC but I don't see the multicast address in multicast FIB. System is connected to network that is directly behind firewall. I use this tool multicast test tool (https://com

IPSEC s2s VPN between VM-50 and PA-3220

We've done plenty of s2s IPSEC VPN tunnels between our DC firewalls and branch offices. I have a new branch office which we are configuring the same way as the others, yet the IPSEC VPN is not operating as expected. The tunnel is showing as up and th

MS Active Directory Security Group Changes Not Applying over VPN w/ prelogon

Our organization has been struggling with getting MS AD security group changes to apply over VPN w/ prelogon enabled for a long period of time now. I have had support tickets in with Palo support and MS support. Palo support has determined via Global

Palo Alto blocks legitim applications

Hi everyone,

We have defined Risk App block rule which contains the app by risk category, characteristics and vice versa.

After upgrading PA to 10.1.5-h1 version it starts to block ssl, web-browsing, google-base, whatsapp and other apps which are not a

Okta has 400+ IPs that are all /32. Looking for an EDL solution

Has anybody figured out an edl to allow communications to Okta without manually entering the whole list?  My customer is using Okat for MFA and the Okta Portal uses a whitelist so they have policies that anything hitting Okta should use ip x.x.x.x. 

No change in retention of summary log after the log storage allocation update

 Current panorama and log-collector issues

Panorama – mgmt. server only –  SW-version: 9.1.12-h3

Log-collectors :

PAN02- – PAN03 –  same SW version as Panorama

1.The summary log retention days did not change after the log storage allocation update

PAN02>

Cortex XSOAR search "contains" instead of "equals"

Hello

Is there a way to search a Domain in Minemeld with "contains" instead of "equals"?

As example:

We have entered *.blabla.com" in one of our Nodes.

I would like to search for blubb.blabla.com - which of course does not match.

Also "blabla.com"

Apply QOS for a particular Server published to internet

Hi Team,

  We have a SFTP server behind our firewall and its NATed to one of the interfaces of the firewall , we need to restrict the bandwidth to the  SFTP server from Internet. When clients from internet connects to the server for downloading files

To Uninstall XDR

Hi i need to uninstall XDR  through SCCM