Dual ISP, PBF traffic not returning

I have two ISPs configured with path monitoring and I can successfully monitor the primary route and fail over to the secondary, however what I would like to do now is use PBF to always send some of my traffic out the secondary ISP.  Everything I've

unable to block google chrome updates

I blocked 'google-update' app in firewall rules but I still see some of the users' browsers getting updated. I can't find any helpful logs for those users. 

Please let me know a solid way I can blocked google updates on Palos.

TIA.

Certificate renewal impact before expiry

In Palo Alto some certificate are expire in this months. Request you to help us to know will there be any impact at user end if certificate expires and we renew on firewall before expiry.

Validation of Local client certificate failed resulting in error 58, Problem with the local SSL cert

Hello,

Has anyone encoutered this error message below? I could not find much info on this.

Using PA500 with PAN-OS 8.1.4

domain: 1 receive_time: 2019/02/09 10:16:13 serial: 00xxxxxxxx seqno: 4858056 actionflags: 0x0 type: SYSTEM subtype: wildfire conf

Automation of GlobalProtect installation

Hi all,

I am trying to automate the deployment of GlobalProtect software in laptops with Ubuntu installed and I have faced an issue not easy to explain. The operating system is being deployed automatically in chroot mode, and one of the last steps in

What does it means Stage e Events GlobalProtec Fields?

Dear, we are doing a large and hard troubleshooting to forensic analysis into our company, so we need know more information about the "GlobalProtect Stages and Events columns Logs Monitor".

Example: what it means the stages: before-login, tunnel, host

PA 9.1.4 to zabbix snmp integration only showing mgmt interface data

Hi All,

My PA firewall which is running 9.1.4 I have sending the snmp traps to (v2c) zabbix server. but it only showing mgmt interface traffic?

has anyone face this issue?

GRE passthrough

Hi,

we have a site on an already trusted zone, we require to allow GRE traffic through the FW to enable our wireless access points communciate back to the wireless controller (aruba). I have created a custom security policy to allow this gre and papi

DNS security service review

Hello all,

has anyone tried DNS security service on Physical NGFWs? Does it provide any additional benefits compared to the regular Anti-spyware protection with Threat licensing?

Please post your reviews. TIA.

Traffic with MTU SIZE 1000 is not working

Paloalto is blocking traffic when we send traffic with MTU size 1000 and 1000 plus (ping 192.168.1.1 -f -l 1000),

due to this, we are facing some issues with one of our services.

datapne interface not reflected in user-id agent after changing service route

we have changed service route of user-id and ldap service from mgmt to dataplane interface of firewall.

in windows based user-id agent earlier mgmt ip was showing connected,but after changing service route to dataplane interface , dataplane interface