nat64 error

Hello

I'm trying to do a NAT from ipv6 to ipv4.

On commit I have an error

"Nat64 needs an ipv4 in the rule for dest xlat"

Rule : from untrust to untrust , destination ip is ipv6 and translated address is ipv4 destination NAT

Thanks.

Download The Latest GlobalProtect Client?

I find not being able to download the latest client very frustrating.  I work from home several days a week and the company I work for, has just switched to globalprotect for their vpn requirements.

However on my companies client download page...

h

DNS Resolution with global protect.

Dear All,

I am facing some issue with DNS resolution. below is the scenerio.

I have Global Protect VPN setup.
after connecting global protect, i will take RDP of some internal machine.
RDP will take by host name example:- system1.abc.com resolved by I

Packet capture drop stage shows production traffic

I have been troubleshooting a intermittent issue where a device that sits behind my Palo Alto running 10.0.0.3 is frequently losing it's connection for UDP port 2156 traffic.

Today I ran a packet capture on the PA using the "drop stage" while the con

VMware Horizon View via Load-Balancer

Hi All, First time posting here. We have a fairly large deployment of VMware Horizon View and we're recently migrated from our old firewalls (Fortigate) to Palo Alto and since then inbound connections to our View Platform at this site have stopped wo

licenses renewal

I'm in need to renew the licenses of a PA-220 LAB registered under my PA account and I need help from someone else that is not who sold this device to renew the licenses. I'm looking to buy the licenses renewal. Thanks
License PAN-PA-220-BND-LAB4-R
PA-

Is there a way to check IF some IP or url is on any of the feeds, without listing them all?

Like descibed in the subject, I'd like to query some output nodes IF there is some specific object present. How can I do it? 

ISP gave us additional /29 but it needs to route through an IP of our existing primary /27

We requested additional public IPs from our ISP. They gave us an additional  /29 to add to our /27 but we had to choose one IP in that original /27 to route this /29. I'm trying to determine how to do this properly. Let me know if more clarification

Tips to block Yahoo Mail but not other parts of Yahoo

I wanted to make a post to the community to see what other people are doing about this issue.  We currently have a support case open with Palo for this and has been open for quite some time.  Long story short, users that have previously logged into a

Github-allow access to specific repository

How do I block all Github but allow access to a specific repository? For eg. I want to allow https://github.com/cisagov and block all github using a single URL filtering policy. How can I do that? 

I added github.com/* to custom URL list and set it t

Miner for Google IP Address

Just in case anyone is looking for a miner to mine for Google IP address, here is a sample miner 

• Google Services Miner

age_out
default: null
interval: 257
sudden_death: true
attributes
confidence: 100
share_level: green
type: IPv4
extractor prefixes[]
in

Prompt to change password as it will expire soon doesn't let you change the password

I've had a number of users reach out to me to reset their password for the GlobalProtect because they become locked out. They have all said they get a message that their password will be expiring in so many days, but are never prompted to reset the p