Two IP address from same subnet on an 1 Aggregated Interface

Hello All, 

I am pretty new to Palo Alto, wanted to check if the an aggregated port in PA can be assigned with 2 IP addresses from same subnet, say 1.1.1.2/29 and 1.1.1.4/29. The Idea is the ethernet interfaces 1 & 2 that are be bonded to ae will be

SMB URL File Logging acheivable or not?

Hi Palo Alto Experts,

I want to know if we want to log SMB URL Blocked events then can we do in Palo Alto or not? Basically, the requirement is as below:

Example URL if typed by compromise system is: smb://www.example.com/fileshare/malware.exe

Right

Add network to address group via CLI?

I am trying to add a network to an address group via CLI on PAN OS 9.1.X

# set vsys vsys2 address-group XXXXXXXX static 108.61.41.0/24

Server error :  static '108.61.41.0/24' is not a valid reference

What is the valid syntax?

Outside interface listening on HTTPS "502 Bad Gateway"

I have this odd issue whereas one of HA Pairs seems to be listening on 443 on its outside interface for GP but I don't use GP and never had.  I have a interface profile that allows HTTPS but not from any IP and when I disable that it still shows that

URL wildcard Pattern

Hello everyone, I need to block URLs that have a word pattern/string, It is possible to restrict certain strings inside the name of a URL?? for example the word "good" inside the website "www.goodwill.com" to be blocked ? I already try with Wildcards

Data copying over Global protect VPN

Hello,

I have one query:-

If, I am connected with GP VPN and. I want to prevent the users can not copy files or data from the shared folder and server.

is it possible?

Destination NAT for Route base VPN

We have an requirement to set up a route base VPN, but remote proxy IP subnet clash with an existing remote subnet.

We are planning to use destination NAT, but not sure, how the routing will be controlled.

Please help to solve this problem.

Palo alto routing query

Incompatibility Acrobat-GlobalProtect

Hi,

Customer upgrade Adobe to versión 21.001.20135 and Global Protect stopped working. Issue is th esame like this:

https://community.adobe.com/t5/acrobat/adobe-acrobat-reader-21-001-20135-preventing-users-to-connect-to-global-protect/td-p/11823885?pr

SSL Inbound Decryption Failing

hello, we are setting up SSL Inspection for inbound traffic but it is failing when clients try to access, we are getting unsupported protocol errors.  ssl labs shows the following issues around handshaking.

with SSL Inspection off we do not see thes

Panorama<->Firewalls connectivity issue

Hi all,

After I modify the route service and restore it to the state before the firewalls (2 HA firewalls  + PA220 ) are no longer connected to the panorama.

No changes are made on the network side between the two.

Panorama : VM (VMware ESXi) version

URL Filtering Issue Through GlobalProtect

We are facing a issue in URL Filtering while connecting Palo Alto PA-220 via Globalprotect.

When I am using broadband connection to connect to my laptop to vpn then all the configured url filtering sites are getting blocked but when we connect it thr

Static group, that has 2 dynamic groups as members, used in decryption policy?

I have a static group with 2 dynamic groups as its members, that is in turn used as the source object in a no-decrypt rule. I have discovered that this does not work; decrypt still happens. However If I use the dynamic groups directly as sources in t