Firewall drops VSS-Management trailer due to Layer 4 checksum enabled

This is not an issue, but a general document about an issue that we experience with a customer last weekend. The issue is not well documented by Palo TAC and it took us the help of another customer who experienced the same issue with the same applica

File types need to block

The file type is malicious as per the swift advisory 2021, that need to be block on the Palo alto Firewall.

File Type .gmu,.ekt, .jpn,.er,

Communication between Panorama and a Firewall from outside

Hi PA Experts,

We have a Panorama (10.02) that we will use to manage multiple firewalls from different companies, so it's a multi-tenant deployment. 

I have 2 questions for now:

1. One company is concerned about security connecting their FW to Panoram

Global Protect Single/One login Portal/Gateway

Good afternoon, I have a question:

I have Global Protect configured and operating, operating correctly Portal and Gateway.

When one uses the Global Protect App, it always asks 2 times for login, I understand that one is in the Global Protect Portal an

Timeout on syslog sourced User-ID mappings?

Greetings all,

Taking another look at our user-id mappings with our server team today and we've landed on trying 90 minutes for AD.  We set this on the agents installed on two of our AD servers and the firewall is showing the new logs coming in as ha

PCI DSS testing failure

We are using SecurityMetrics to test for PCI compliance and have recently started receiving a failure based on TCP/IP Initial Sequence Number (ISN) Reuse Weakness (CVE-2002-1463) for the PaloAlto firewall (5.0.8).

I'm not sure how to remedy the proble

Unable to sign into GP client with Azure AD SSO

Hi All,

Trying to setup Azure AD SSO with Global Protect, but am receiving the below error. According, to the Microsoft documentation it means that the user is not assigned to the application in Azure, but I can confirm that the user is assigned corr

setup Palo Alto in GNS3 using palo alto image .ova

Hi, Anyone can share protocol to setup Palo Alto in GNS3 using palo alto image .ova
Thank you very much!

PA-220 Generations / Versions

Hi All,

As part of a large project I have been deploying PA220's, this has been ongoing for about 2 years and 130 boxes later. 

When I started the boxes were heavy as, then they were lighter and now we are onto the third variation of the PA220.

Is th