How to reimport a csr via api

Anyone ever tried to import a csr back into config?

I generated a csr on panorama the other day and then went to generate a certificate. (I did not commit at this time)

when I came back with the csr response someone had reverted the config so my csr

What does these vaules in dp brdagent logs mean

2021-08-04 03:08:26.800 +0000 PORT4: board_port_autoneg_enabled -> board_port_autoneg, link: 0, mode: 1
2021-08-04 03:08:26.856 +0000 Port 1: DISABLE command received
2021-08-04 03:08:26.856 +0000 PORT1: board_port_autoneg_enabled -> board_port_reset,

Palo Alto 10.0.6 5220 and 'show session all filter min-age'

Hello All,

Just wondering if 'show session all filter min-age 4000000' displays relevant information. We have around 3200 sessions in session table at average, but when I am trying to look for long-lived or even stuck(?) connections number using comm

VPN Site-2-Site both sides with dynamic IP

VPN Site-2-Site both sides with dynamic IP

Good afternoon, first of all, thank you very much for your support and help.

Is it possible to configure the following:

Site 1: Palo Alto with Dynamic output to the Internet.( already have NAT configured on t

Directing SMTP Traffic to VPN Tunnel

Hello Team,

I am new to this kind of issue and need suggestions as I need to execute the same in my Organisation. I would like to know if we can direct the SMTP Traffic (Outlook Mails) to our IPsec VPN Tunnel without disturbing any other application

CIS Control 13.5 - Unauthorized use of encryption

Looking for input on this one. From a Palo Alto perspective, what would be the best way to monitor for encrypted traffic in general? Need a way to make sure we're specifically able to point to traffic that was encrypted and provide a report or show t

HTTP Server Profile > Payload Format

Hi Everyone,

Device > Server Profiles > HTTP
I created a server profile, however, My curl request is not working, Can you kindly provide any information about how can I fill those fields (Headers, Parameter information and Payload)? How can I translat

Windows Remote Assistance

Hello,

I'm fairly new to PAN after years with other  vendors.

We're using Windows Remote Assistance in the network. This requires allowing the ms-rdp application between the network from which we want to assist and the target network. When I try to

I found message from scan secutity on Palo alto 850 "Insecure Transport: Weak SSL Cipher ( 11285 )"

Hi All

I found message from scan secutity on Palo alto 850 "Insecure Transport: Weak SSL Cipher ( 11285 )"

I did configuration command like in document. but the message it still show after scan again.

anyone have idea

for SSL/TLS to disable weak Al

VPN S2S Site with Dynamic IP and site with FQDN ( DynDNS )

VPN S2S Site with Dynamic IP and site with FQDN ( DynDNS )

Good afternoon, is it possible to set up a Site-to-Site VPN between a site with a dynamic Public IP and a site with a DynDNS FQDN.

PaloAlto----IP-Dynamic Public----Internet-VPNIPSEC-----PaloAl

Looking for Palo Alto Networks Certified Network Security Administrator Exam Study Material & Tips For Preparation

Hello,

I'm planning to get Palo Alto Networks Certified Network Security Administrator certification. How long will take to prepare for the PCNSA exam as I have little experience of working with the Palo Alto firewall. Where I can get the learning ma

Decryption Log Forwarding

I upgraded to PanOS 10.0.6, and am trying to forward decryption logs via email.  If I go to monitor -> decryption, then I see a bunch of rows where zone.src eq untrust and zone.dst eq untrust and ( proxy_type eq GlobalProtect ), application is incomp

GP gateway getting ignored

I have one of the users getting the below error in the PanGPS log

ignore gateway gateway.####.com , duration time is 0xFFFFFFFF, priority=1
gateway.####.com -1ms

This user is located near the mentioned gateway, How to make this work for GP Client not

Network Processor

Hi Everyone,

How does one check which network processor a unit uses?

Thanks in advance.