Hey everyone, We just enabled a feature on the LIVEcommunity that allows for products to be linked inside of discussions or articles.. this helps cross link information throughout the site, especially useful if you are looking for specific informatio...
To all, Just wanted to post a message about the Hot Topic right now, which is Covid-19. With all of this going around, everybody's health and safely is the utmost concern. Keeping your hands clean, washing your hands (A LOT), using hand sanitizers, a...
Hello Community, I want to block one specific https URL (without applying decryption rule) but the traffic is being allowed by the lower policy. I have applied many combinations with the wildcards but none of them works.Can someone please help me wit...
Hi Team Im trying to configure Global protect prelogon for some users. I have configured everything, here the challenging part is configuring machine certificate for authenticating users. I have create Self signed root ca in firewall and created clie...
Hello All, I have a scenario where I will be having two ISP's (ISP-A and ISP-B) connected to the PA Firewalls via eth1/1 and eth1/2 interfaces. Both these Interfaces will be in the same untrust-zone. ISP-A will be the primary one and ISP-B the backup...
In PA traffic is blocked due to threat signature.In threat kogs it shows reset both. When i check the signature it shows default action is alert only??? Why PA is resetting the connection when signature shows action as alert only???
Hi, How can I get and download NFR licenses for vm-100?
Hi all, I have a bit of a dilema here and hoping somebody may have some ideas.... We have threat prevention profiles applied to security policies relating to traffic entering our DMZ from the internet.We have PCI obligations and use Qualys' PCI scann...
Hi all , I am running PAN OS 8.0.19 and GP 4.1.12 and users cannot access google play store while they are connected to the VPN from androids . I have tried with spli tunneling including 63 subnets from google and I have tried full tunnel defining in...
Hi Community, I noticed, that in 8.1.x (7,8,9, 9h4) the "SSL Exclude Option" in Device > Certificate Management > Certificates is missing.The PAN-OS 8.1 guide mentions this option on page 198, and you can see it in a screenshot in this KB point 7:htt...
In LSVPN VPN setup how can we deny specific subnet to not advertise to gateway. I have selected Publish all static and connected routes and I want to deny some of static routes of them , how can we do that ? I know we can disable public option manual...
Hi All, PA-5050 PAN-OS 7.1.24 Is it expected behaviour? Thanks,Myky
Background: I have a trust zone on ethernet1/2 192..168.1.0/24 and an iot zone on ehternet1/4 10.10.10.0/24 and I want to be able to cast things from endpoints (mobile phones and laptops) to the chromecasts on the iot zone. It seems like multicast (a...
Hello, can anyone tell me what version of Ubuntu I should use for MineMeld ?
I setup a couple nodes for miner, aggregator and output for Azure IPs to test. Now I want to delete some. When I try to Click "X" to delete any of the nodes, I get red error popup in corner that states "Error deleting node: Timeout". I removed the mi...
I need to create O365 IP/URL EDLs but when I try to access the output nodes I get "Unauthorised" message unless I sign into AutoFocus in the browser. Needless to say I cannot do the same on a firewall. How do I allow anonymous connections to a feed i...
Hi.I have PA850. According to this link (https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000Cm7yCAC) I configured backup with local Superuser account. Everything is OK. But then I created new Admin Role named backupadmin and ne...
on:
How to Migrate of existing config / rules from PA-3020 in a HA pair to PA-460 in a HA Pair
on:
Query regarding upgrade Path to 8.1.21-h1
on:
Guidance on swinging an Exchange 2016 On-Prem server from ASA to PA 820 (vWired currently)
on:
IPSec tunnel to Azure - Strange issue
on:
Palo Alto Test Pages - Inconsistent Results
