DNS Proxy inheritance source

I want all devices on one of my interfaces to use my DNS servers, regardless of their configuration. Seems pretty simple, but I'm stuck.

I can edit and OK/OK out of the DNS proxy dialogs (PANOS 4.1.2), but commit fails with "Inheritance source needs t

GlobalProtect OCSP validation not working

Hi,

OCSP verification configured in a Certificate Profile on my Palo Alto 3020 doesn't seems to work.

My GlobalProtect configuration with pre-logon is working with machine certificate but when I want to see the status of the OCSP cache on the Palo, I

Check Log storage per day

Hi guys,

Is there any way to find out stored log size per day?

on show system logdb-quota command, there are full data stored size there.

I'd like to know how much size for log storage per day.

Thanks,

Is it possible ! How to get internet from dhcp client with vlan

Hello Friends !

I am new to palo alto network ,i starting to understand and learn palo alto network firewall some time back .

I have setup a firewall panos 9.04 on ubuntu with kvm using bridge connection and  vlan  ( i want to setup a passthroguth but

Remote Access VPN - Strongswan client to PA GP Gateway

Is it possible to access a GlobalProtect gateway using the strongswan client on Ubuntu 16.04 LTS? I am trying to use ikev2 and use certificate authentication.  PA guidance suggests it is possible using Ubuntu 14 and PAN-OS7 but I can see no guidance

Blocking outside-to-outside blocks ping from outside interface. Is that ok?

Hi Gang,

First, thanks for having a look and a big thank you for taking the time to respond.

I recently created a security policy rule that blocked outside-outside zone traffic. I did this due to outside traffic that did not match any NAT rules, for

GlobalProtect Use Connect Before Logon is not compatible with Pre-logon(Always On) ?

Hello to All,

We are use globalprotect with Always-on and "Enforce GlobalProtectfor Network Access" and blocking the users to delete or disable the globalprotect app. This way we are forcing them to always use the VPN. We are planning to test "Conne

Is PANOS 9.1.6 is vulnerable for wreck security vulnerability?

Hi guys,

Im having a query whether any of the PAN OS has the vulnerability as wreck in Palo alto network firewall. If so kindly update me here.

I have searched with the PAN Advisory as well as other portals. like these https://www.cvedetails.com/vulne

Hybrid model (where some exchange mailboxes are hosted in Microsoft 365) (using DNAT) Palo Alto inspect the traffic be regarded secure enough?

We have clients who want a Hybrid model (where some exchange mailboxes are hosted in Microsoft 365) rather than full blown integration.

Would the proposed solution (using DNAT) with the sources constrained to the Microsoft approved IP/URL list and ha

Error Palo Alto Global Protect on MacBook

Commit Error Messsge for Application being used

We noticed last month that a core firewall PA-3060 has started reporting the same error message as in this link. Application being already in use. We have provided tech support files to PAN support but they are still unable to determine the reason th