SSL Decryption with iOS 13 Devices

We began testing of the iOS 13 beta last week on several test devices that are connected to our internal mobile device network.  This network passes traffic through the Palo with SSL decryption.  We are finding that iOS 13, even with our cert install

auto-tagging registration on remote user-id agent

Hello colleagues,

did someone manage to use dynamic tag registration on the remote user-id agent? I cannot find any explanation in documentation or community discussions. It is written in the manual that need to create a http profile

https://docs.palo

PA-3050 detected dns queries to malicious URL but all other anti-malware detected none

The Palo Alto device is saying that a workstation on the network is querying the DNS server for some malicious URLs for some of the dates and some of the time.

Full scan using McAfee VSE, Microsoft Safety Scanner, Malwarebytes, Spybot, said no malware

Advanced URL Filtering with PAN OS 8.1

Hello,

I recently noticed that URL Filtering licenses have been replaced by Advanced URL Filtering licenses.

The version of the box is PAN-OS 8.1.

My question is: Is it possible to use these new licenses with version 8.1, or do I need to upgrade to PAN

Allow Only Google-Chrome Update and Block all other google related pages

Hi Team,

The Google and Google related products/pages are completely restricted at our environment.

We only allow a specific destinations from our internal Application servers.

To remediate the vulnerability risks, we are in need of updating the google

can not able to download file after enable ssl decryption

Hi Team ..

We have enable ssl decryption then we could not able to download big file. 

Downloading starts and after some time it automatically in reach to pause state.

We disable SSL decryption then we could able to download file. 

Firewall side we did n

Password History

I am wondering if there is a way to clear password history. Due to audit requirements we need to have "Minimum Password Complexity" requirements including changing on first login and preventing Password Reuse.

I am having issues keeping an account sy

Will this configuration work?

I will configure 14 VLANs in total. I will connect all Firewall Interface to one of the L2 Switch and I will cascade the other L2 Switches with that L2 Switch. In this case, do we need Trunk? Please check if any problem with such configuration.

There

VPN Tunnel IPSEC L2L VPN NAT not acting as intended

I am Labbing up a configuration I am about to go live with in production but it is not acting as it should when trying to apply a NAT rule to a tunnel interface. When I apply individual rules to the vpn traffic as I would like it to act I am not gett

Appid ms-teams-audio-video vs ms-lync-audio

We're having both legacy lync users and Teams users in our network. But for the life of me: I don't seem to get hits on "ms-teams-audio-video" .

Is it because the data itself is not different enough so the contentid engine can't see the difference? Do

Missing Secure Flag on the SSL Cookie after a vulnerability assessment ran on PA820

In my case, the team is performing a vulnerability assessment on PA820

Vulnerability Title: Missing Secure Flag From SSL Cookie 

Description: The Secure attribute tells the browser to only send the cookie if the request is being sent over a secure chan

Barracuda to Palo Conversion

I've tried searching but have not been able to find much information. Does anyone have experience converting a Barracuda ng800 to Palo Alto? I'm working with someone that just received a pair of PA-5200 series firewalls and want to move their Barracu