Is there security advisory information for CVE-2021-3449 (openssl)
There is github POC for openssl CVE-2021-3449.is there any information or security advisory about it? thanks
There is github POC for openssl CVE-2021-3449.is there any information or security advisory about it? thanks
How do you query the list of configured devices groups using the Panorama REST API?
Hi All, We have four tunnels(tunnel 1, tunnel 2, tunnel 3 and tunnel 4) configured to reach the AWS Network through BGP on an single default virtual router on the firewall and all the tunnels are up. There are three ISP in total connected to the default router and Balanced round robin method is enabled on the firewall to pass the traffic. The Tu...
On a Palo Alto is there a way to take a packet capture on a specified interface and simply see everything as is on the wire? For example on a Check Point I can do a tcp dump on a specified interface and the interface is basically put into promiscuous mode and I see traffic after firewall, after NAT, etc. On my Palo's it seems I have to pick a s...
The firewall internal interface used to have GP portal configured and then removed, we found the XML API does not work on the standard port 443. In web browser an API call returns the 404 error. Pcap shows that the firewall does not reply to the call. We need this for Clearpass integration, and when testing with a different port (with NAT) it wo...
Dear team, How to enable the popup message when the users are login in and login out in Global protect. for example, users are connected in the GP at the same time VPN is down so users need to get a pop-up box like you are not in the GP or logout.
Hi team, One of my customer experiencing a weird issue in global protect. When Client joins the GP he get a private IP 172.16.100.230 and i can see that system logs and also in his GP Agent. When he initiates traffic i can able to see that private iP in traffic log as well but issue is when i go to see the current users in GP Gateway >Remote ...
Most of the discussions I've heard, talk about managing your deployment with something other than the firewall (so thousands of users aren't hitting the firewall during an update). I have questions in two areas: 1-How do you handle updates when getting pushed from a centralized manager to windows clients (assuming your clients are internal only...
Hi Team, We have 2FA auth method using Radius Server for GP VPN users login.After LDAP password authentication users receives SMS Token and when user entering the token the GP VPN again prompts for the token.So eventually user receiving another SMS Token and when entering second token user getting authentication failed message on GP client. For ...
Hi Everyone, I am struggling to solve a problem NAT issue and need some help. I need to configure May-to-Many NAT on Palo Alto Firewall between two data centers. I have three /25 IPv4 subnets which needs to be mapped to three /25 subnets (subnet to subnet basis if not one to one IP basis) and three IPv6 /40 subnets needs same treatment. Traffi...
We have Palo Alto VM-100 that we are planning to transfer to our new Infrastructure.So we want to activate license after migration.Please advise how to transfer license to new VM during the activity. Thanks in advance.
i set up a URL based output to feed into my lab box but it won't accept the URLs reaper@PANgurus> request system external-list show type url name phishing phishing Total valid entries : 0 Total ignored entries : 0 Total invalid entries : 1643 Total displayed entries : 100 Invalid urls: ...
Hi Community, I am trying to figure out how the GP Ipsec connection behaves, if the IPsec fails to connect at the time of initial GP connection and the GP falls back to SSL, will GP retry IPsec after any specific interval? is this configurable ?. Also is there any way I can move the Ipsec connection from UDP/4501 to any other ports? Thanks in ad...
Dear , We found the PA Firewall System alert : high : cdb: Exited 4 times, waiting 720 seconds to retry , Please tell me how to solve it?
Hello I'm trying to do a NAT from ipv6 to ipv4. On commit I have an error "Nat64 needs an ipv4 in the rule for dest xlat" Rule : from untrust to untrust , destination ip is ipv6 and translated address is ipv4 destination NAT Thanks.
| Subject | Likes |
|---|---|
| 4 Likes | |
| 3 Likes | |
| 2 Likes | |
| 2 Likes | |
| 1 Like |
| User | Likes Count |
|---|---|
| 7 | |
| 5 | |
| 3 | |
| 3 | |
| 2 |

