Resolved! DNS Security
Hi, We are getting warning message (Warning: No valid DNS Security License) when we commit every time. currently we are using PAN OS 9.0.5. Is it possible to disable this warning message. Regards,Logesh S.
Hi, We are getting warning message (Warning: No valid DNS Security License) when we commit every time. currently we are using PAN OS 9.0.5. Is it possible to disable this warning message. Regards,Logesh S.
I am trying to set up a TLSv1.3 / TLSv1.2 webserver behind a palo firewall with ssl inbound decryption.However i seem to get a lot of ssl errors and the website does not work if specific ciphers are not listed first...For one I would like to understand why that is and even ciphers listed here have issues: https://docs.paloaltonetworks.com/compat...
I have two PAN 3220s operating as Virtual Wires behind a pair of ASA 5525s. Normally in upgrading a pair of PANs you upgrade the standby, then suspend the primary (secondary takes over), upgrade the primary. Repeat as necessary to get to your target version. But since these are behind another HA pair, I'm concerned I could end up with a situatio...
Running PANOS- 9.1.12h3. What is the ssl decryption session limit.
Please advise how can we retrieve the admin account passwords logs( mean which account password was changed and when )?
Hi there, we plan to replace an old firewall cluster against an new one from PA. It will be an active-passive cluster of 2 PA-850 boxes, we plan to use threat prevention + dns security license.There is only one box active, the other one is on standby. Is it enough to have the licenses only for the active system, or do we need a license for the p...
I recently renewed some licensing on firewalls. The URL Filtering subscription changed to Advanced URL Filtering. On the firewall, under licensing, everything shows fine. In Panorama, for those firewalls, I noticed after doing a refresh, Pano shows them as not having any URL Filtering license. Is anyone seeing something similar?
Hello,I have been using a header insertion to restrict login to an approved list of Google Domains for a couple of years now. However, I have now encountered an issue and was wondering if anyone else had a similar experience or has any idea what to do.On one of our domains, there is a regular but seemingly random occurrence of login failures wit...
Requirement: have to make firewall config based on network configuration done on Nexus. My challenge is Communication is not posoble with network guys coz they are Chinese, customer speak different language as well. OBJECTIVE: we want DC firewalls to be used for filtering or traffic only and nexus to do the core routing.. In the config I can se...
Recently deployed several PA-5250s Running 10.1.3 and there is a issue that randomly comes and goes.Latency for traffic going through the firewalls spikes to 100-500ms. I was able to capture one thing that looked peculiar and that was flow_fpga_ingress_exception_err counts were high (8169388322) and the rate was high (12468). But I can't seem to...
Hi, we use Splunk. We tried following searchstring: http_category=malware | timechart count BY vendor_action We find out that we get back action allowed with category malware. Is there a failure in the search? The action in our URL security profil for malware is block. Is there someone with same environment and same results ? best regards...
Hello all , Thanks to check my problem as below Palo Alto Firewall cannot resolve DNS Server IP AddressCURL ERROR: Could not resolve host: serverlist.urlcloud.paloaltonetworks.comFailed to resolve host wildfire.paloaltonetworks.complease i will waiting for your swift feedback to solve , thanks alot BrMohamed Abbas
Hi All, I would like to access Global Protect for myself using different profile to access one of our resources subnet 10.21.xx.xx. I want to access without having to go through 2FA. Any idea for it? is it possible? Do we need to create another gateway on the GP for a single user?
We are facing issue with location even we block for example south Korea but all infrastructure VM GP showing location South Korea.Any thing that i am missing ?
I currently use minemeld to whitelist the list of O365 IP ranges etc, but I have not been able to find a miner for the Oracle Cloud. Oracle publishes a JSON file with the relevant IPs (https://docs.oracle.com/en-us/iaas/tools/public_ip_ranges.json), so maybe I need to use Minemeld to parse the JSON somehow? Hoping I'm not the only one trying...
| Subject | Likes |
|---|---|
| 4 Likes | |
| 2 Likes | |
| 2 Likes | |
| 1 Like | |
| 1 Like |
| User | Likes Count |
|---|---|
| 4 | |
| 3 | |
| 2 | |
| 2 | |
| 2 |

