Hi Community,
While exporting syslog from palo alto splunk in default format, what is the default format for config logs.
Where I can see the default format. Next to hostname what is that value "1" where it comes from?
I have imported the intermediate CA, from 'Sectigo RSA Domain Validation Secure Server CA' and root CA 'USERTrust RSA Certification Authority' is already there on firewall default, but still outbound decryption fails.
https://nvdpl.ca
What can i do here..Is it something we have to fix on server side or firewall.
Not Working, Block sessions with unsupported cipher suites, Selected.
Protocols allowed min SSL3.0 to MAX
Working, with Block sessions with unsupported cipher suites, Un-s
...
Good Afternoon Community!
I believe there is a minimum packet size for an application keep-alive packet for Palo Alto to register a session match. I am just having a hard time finding that documentation.
Does anyone know and could share or am I mist
...
I recently configured Path Monitoring for Auto Fail-over between 2 ISP but it is not working. Primary route is not removing from the routing table even when destination IP is unreachable
ISP-1: x.x.x.x
ISP-2: x.x.x.x
I have configured both interface on
...
Good morning,
We are currently using Symantec VIP for MFA with our PA. Management would like to move to Okta and would like to know if both can be used at the same time?
Thanks,
Steve
Already the specified Malicious URL getting a block from URL Filtering and detected in Threat Prevention with action.
it’s a dynamic FQDN/IP that has to block from the security rule base too, but the does not want to add each IP to block as he receive
...
Currently we can only see the logs for the files being blocked.
Can we set up the logs to allow us to see the successful transfer of a file?
Does Alert/Continue Action of File Blocking Profile log entry in the Monitor > Logs > Traffic?
I enabled http instead of https on nginx. However, I see still https url when I discover taxii feeds on Minemeld side. Is it possible to disable https on taxiiDataFeed output.
https://1.1.1.1/taxii-discovery-service
https://1.1.1.1/taxii-collection-m
...
I don't know the feasibility of this on the PAN. I've seen this done by means of custom scripts on load balancers. But, I thought it might be better to ask here since there are always more than one person with the same issue.
The current situation:
How we can configure HA2 for PA-VM Active passive deployment in ESXi.
Can we use ip-address from mgmt network to use it for HA2 on both firewall.
eg. 1.1.1.1 - Active firewall mgmt ip
1.1.1.2 - Passive firewall mgmt ip
1.1.1.3 - HA2 ip addr
...
Hi Community,
Customer is performing session distribution using destination NAT. They have three server nodes so they put them together in one address group and called that group in destination NAT session distribution.
it is working fine. But they w
...
Ok, I am not surprised in life that an upgrade can go wrong. Happens on many different technologies. But I recently had my over $60k PA5220 firewall brick going from 17.x to 18.x. And that was after getting advice from PA support before doing the
...
Dear ALL,
I configured Trend Micro DD Director to update IOC from MineMeld TaxiiDataFeed.
Here are the details:
- I enabled http on nginx in addition to https service. Both works fine.
- When I check the taxiiDataFeed with the following command, it wo
...
Hi Guys
I have come here with lot of hope , I am doing my masters project and for that purpose my topology .My goal here is to show how paloalto can block the threats with its inbuilt IDS IPS ,url filtering , block traffic etc but right now I am faci
...
reaper
on:
What does ch mean in PA-VM-OS Software?
OtakarKlier
on:
PCNSE Bootcamp
reaper
on:
Version 11.0 or 11.1?
