Pre-defined reports only useful for Last24 hours?

Hi,

I wanted to use the pre-defined reports for a summary of the last 7 Days (or Last week) but as I see, these pre-defined reports only work for the last 24 hours / last day, even though I send the Email with all pre-defined reports only every sunday

Filter Policies by Target "Device-Tag" not possible with 9.1.x (Feature Request)

Hi,
since we are changing policy targets from "device name" to "device tag" (device-Tag defined in Panorama > Summary), we still have the need to filter for special devices (device-tags) within the policy sets.

But what I have seen with 9.1.6, filterin

Global Protect not detecting Crowd Strike Firewall

Hello, 

Was wondering if anyone could help me? We recently installed Crowd Strike Firewall, but it's not being detected by the HIP Check I setup. I have created a rule for Crowd Strike Firewall. So technically it should see it right?

PAN Security Advisory (11-AUG-2021)

Thought I would just put this notice out since I know a lot of people don't actually subscribe to security advisories directly. If you haven't already, I highly recommend that you sign up for notifications via https://security.paloaltonetworks.com/ a

User id not fetching for same ip in traffic logs.

User id not fetching  in traffic logs.we created user base rule on that basis mapped ip address shows user id for same rule .but some time user is not authenticated from that user base policy rule and it is moving from next any any rule. if it is mov

Device uptime cycle question

Have any suggestion for uptime days?

I remenber seen one doc is 300days suggest reboot.

Now have any this doc?

Multiple domains on PA

Hello ,

We have integrated already the AD ( 3 Servers for redundancy)

The User id we are using is the default one which is on the PA FW

The domain is  abc.nl  . The setup is working .

Now we are building an entirely new domain called abc.es .   migrat

Possible to disable SSH CBC cipher and weak MAC hashing?

Hi,

May I check if it is possible to disable SSH CBC cipher and weak MAC hashing on Palo Alto Firewall?

If so, may I know how to do it.

Had no luck searching for a solution online.

Seems like there is no menu/config file (e.g. /etc/ssh/ssh_config) to e

bulk disable of security policies through CLI with set commands in a script

I have 6700 security policies I need to disable in a specific device group. I have them prepped in a text file in set format. CLI is only allowing paste of up to 20 lines at a time. I've tried enabling "cli scripting-mode on" and it still bombs after

IPsec tunnel doesn't show IKE gateway selected from drop down list

Hi All,

Hope you are doing good. 

I am running PA-8.1.0 on on VM and creating a tunnel with Cisco router. I completed all configuration on PA end. But when i go into ipsec tunnel, i can't see Ike gateway selected. I re-select it and then commit the c

/dev/shm filling up after 10.0.6 firmware

TMPFS partition /dev/shm on the VM series PAN.

Typically this is cleared on reboot but after upgrading to 10.0.6 its failed to clear the space on system reboot.

We have looked at the other drives on the PAN are there seems to be no capacity issues ot

WHERE CAN I FIND A COMPLETE LIST OF PAN-DB URL FILTERING CATEGORIES?

Q1, WHERE CAN I FIND A COMPLETE LIST OF PAN-DB URL FILTERING CATEGORIES?

We can't find a complete pre defined url categories.

Now the pre defined url categories have 73 ithems.

The KB was not update.

Q2, Where can I download/epxort  a complete list

Enable split tunnel for Zoom

Hi

We are planning to exclude all zoom traffic from Global protect VPN and currently we are using 4.1.5 GP agent version.

I have gone through the zoom documentation and created EDL but not getting option to exclude the EDL (external dynamic list ) in