GlobalProtect configuration issues

We are trying to setup a new portal, changing some default app settings.

Although display traffic block message is selected to yes, it still does not display message although enforce-globalprotect is set to yes.

Also to exception-list i added few test

cannot export cert - failed to process command

No issues exporting other certs as PKCS12 or PEM w/ key

I have tried from multiple browsers on multiple machines - all same thing

When I enter passphrase and click ok. I download an error.txt that states "Failed to process command"

I tried reloading the

Sectigo CA Chain Decryption Issues

Due to the recent expiration of the Sectigo RSA CA cert (https://support.sectigo.com/articles/Knowledge/Sectigo-AddTrust-External-CA-Root-Expiring-May-30-2020) and our Palo firewall SSL decryption policy configuration to block expired certificates we

Monitor Firewalls through Panorama (SNMP, API query ...)

Hello,

I am trying to monitor some firewalls via snmp but just asking to the Panmorama devices that are managing these firewalls:

If I run a snmpwalk using this OID 1.3.6.1.4.1.25461, the information about the firewalls that I get from the Panorama is

Route the Internet Conference Application Traffic to Second Internet Line

We would like to set the Internet Conference Application (like WebEx, Zoom and GoToMeeting etc) use another Internet Line.

But we check on the NAT is need set by Service Port, and the Policy Base Forward cannot set the application like WebEx, Zoom and

PaloAlto Firewall - Onsite Spare Unit Ownership Issue

Dear,

We are planning the refreshment the Firewall, and this has an option for Onsite Spare Unit.

If we purchase the firewall with OnSite Spare (OSS), WHO is ownership of the OSS hardware (end-user customer or vendor/SI or PA)?

Thanks & Regards,

James

Error while changing Syslog format

I'm trying to send syslog to Qradar. As part of this, Qradar asked me to remove the spaces in the LEEF format but when I enter a single into GUI, spaces are auto created. How to remove them and feed as a single line in Palo?

can I do it via CLI instea

VPN Tunnel Flapping

Hello all,

We are detecting problems with a VPN Tunnel using IKEv2. The tunnel is a L2L tunnel agains a third party vendor (Sonic Wall) the tunnel works fine on all the aspects, but sometimes the tunnel falls down and we do not why exactly. When the

How to prompt Global Protect system tray upon windows login?

Hey everyone, I would really appreciate some help from someone who has gotten this to work!

In our environment, we enforce 2 factor with the vpn, while this gives added security to the network, it inherently disables pre-logon. I would really like fo