Dynamic user group using HIP log

Hi Team,

Just need to check if anybody faced the below issue in PanOS 10.0.x

I am trying to create a dynamic user group with HIP log by following settings,

1- created one Tag

2- Configured log settings for HIP log for build in action tagging the source

How does Validate Commit function work in PAN OS 9.0.9?

 I'm wondering if the validation process is checking the change against the running config and not taking into account the Interface IP change in the candidate config while doing the validation.

I am trying to make a change to both the IP address of

Configuring decryption, some gray categories and experiences

So I guess I'm just curious what the overall opinion of multiple people is regarding decryption and how well they take into account local laws, etc.
I get decrypting traffic can be a major step up in security and basically unlocks a lot of potential i

Local Checks Not Enabled (info)

As per VAPT done at our firewall found below vulnerability   :

Please suggest any solution   

=====================================================================================

Local Checks Not Enabled (info)

Local checks were not enabled.

Scanner did

how to block malicious Attack on server

Hi All,

Good day!

I'm trying to block malicious attack on our server but no luck. Please see below attack i encountered on server.

I've already create a policy for that attacked. I already set security profile for that specific servers.

Also i already

Panorama is dropping lot of traffic to syslog splunk

I have a active-standby panorama cluster version 8.1.17 that manages about 40 firewalls.  The active-cluster panorama is also a log collector-group.

20 firewalls send traffic/threat/URL logs to active panorama and the other 20 firewalls send traffic/t

Facing issue with SSL VPN with Particular ubuntu machine(Linux)

Dear Friends,

Hope you are all doing good!!!

I am facing issue SSL VPN for particular ubuntu 14.0 user.

Here is my findings and observation below:

================================

++ Customer having 4 diff ISP provider

++ The user was in full tunnel mo

GlobalProtect & SCCM

Long story short, we purchased GP and configured rules etc to allow SCCM traffic to and from VPN clients who are users working from Home.

We are struggling to release applications or updates to these users and would like to know if anyone has GP with

GlobalProtect MTU Size

Hi All,

I have an issue where GlobalProtect VPN clients are enable to establish a VPN tunnel when connected to a certain WiFi network. We have narrowed the issue down to the MTU size. 

Ther are various GRE tunnels and IPSEC tunnels which have reduced

PAN-OS SDWAN tunnel failover

Hi All,

  I have recently setup a SD-WAN between 2 PA firewalls. a default route was created automatically to sdwan.1. Though when one of the interface failed, it is not able to failover to the remaining tunnel which mapped to sdwan.2. May I know if