Did you know that you can help your fellow community members by accepting solutions when a reply answers your question Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature
...
As I have encountered and many others may also, when this unit was installed in a data center, the person did not follow hot and cold isle standards. Is there an option to replace only the power supply or type of fans to reverse the air flow? This wo
...
Hello,
I have PA 3020 on which I have configured a DHCP server with about 400 reserving "binding", and IP pool for non reserved.
this DHCP server is configured on vlan tagged subinterface.
every thing is going well for laptops and PCs "windows", but I
...
I want to reuse a pre ruleset because all firewalls of a type get these firewall rules. The issue is the inside interfaces are different zone names. Whats the best way to handle that situation while using the "no any zone" best practice? I am alreadl
...
Hello guys
I m trying to get a trial licence for lab purposes for my personal pa-220
Not familiarized with palo alto environment (thats why I bought the pa-220 btw)
I don t have an account manager or a ce because I m not a company.
More experienced users
...
Dear Team,
The challenge was that we need to do commit with wildcard in dns suffix ie. *.xyz.com but it failed ( PAN OS 9.1.7).
For workaround we have removed wildcard.
You seen in other firewall with panos 9.1.5 its having dns suffix with wildcard. F
...
I would really like the capability to setup packet captures for traffic that hits specific security rules. For example, we have rules that block outbound connections to Palo's dynamic IP list for known malicious IP addresses and would like packet cap
...
How to configure multiple DNS suffix and cross check on global protect if both DNS suffix entries exixt there.
Any help with documentation appreciated.
Thanks
Hi,
I currently have my lab PA-220 where its configured for prelogon and then on demand for the VPN, and it works just fine with saving cookies for the authentication and authenticates at the windows login screen without any issues.
Move to our produ
...
Hi,
I have been asked to import a new IP list within Minemeld; the Azure CDN (edge nodes list).
To retreive the list, I have the API documentation here: https://docs.microsoft.com/en-ca/rest/api/cdn/edgenodes/list
I am only a beginner when it comes to
We have an issue with a thick client application (AWS Workspaces client) connecting successfully to the AWS workspace over the internet. The palo alto firewall logs shows the traffic is allowed but the type is 'deny' instead of 'end'. Also session en
...
It appears possible to configure the firewall to be an OCSP responder to itself/clients from the posts below? Is that correct? (Specifically referring to self-signed certificates generated on the firewall) If so, is there any risk to having this se
...
Hi all,
I'm having a issue with the DNS Proxy feature. I'm running a Palo Alto VM (9.1.8) in Azure and want to use the VM as DNS Proxy. As default DNS Server, I want to use AZURE DNS 168.63.129.16. Additionally I have some Proxy Rules for internal Do
...
Ive been reading this forum for similar problems, but seems I have different problem.
I must say I had difficulties building this, but now this seems to be the last obstacle.
So I got minemeld up and running and its able to get feed and I can access th
...
Hi there, i have some issues with my firewall when using dns-proxy with enabled cache. I cannot resolve sharepoint domains e.g. bitmix.sharepoint.com, but when I disable the cacheoption everything works fine.
Does someone have any suggestion how I cou
Hi everyone,
This is the beginning of the discussions around the Google Chrome Search Extension by Palo Alto Networks. Let's talk extension.
/jh.
reaper
on:
HSBI and HA
reaper
on:
Agentless User-Id integration
reaper
on:
Required PAN-OS 8.1.25-h1 for PA 3060
