Data filtering - email issue

Hello all, i was configure data filtering and it works.But i face problems with the mailing. When the the fw match pattern it blocks it, but the email stuck in outbox queue , and the user can not send/receive other emails until the mail is deleted from the queue. Can we achieve some kind of silent drop, so for the client to look like the email ...

Minemeld Crashing, miner tab not loading, RPC timeout exception

Hi, we have an issue on our Minemeld instance in production. Similar to the issue reported in https://live.paloaltonetworks.com/t5/minemeld-discussions/minemeld-crashing/td-p/289998, minemeld randomly crashes with the following results: - the green loading bar keeps running across the screen - the nodes page won't load - TAXII output prototype i...

Different Actions for Security Rules

Hi Guys,I would like to know what are the difference between the following actions in the security rules for PA.1. Deny2. Drop3. Reset-client4. Reset-server5. Reset-bothWhich of these are the most preferred to use? Is deny or drop action also resets the connection for both server and client? Thanks

Two IP address from same subnet on an 1 Aggregated Interface

Hello All, I am pretty new to Palo Alto, wanted to check if the an aggregated port in PA can be assigned with 2 IP addresses from same subnet, say 1.1.1.2/29 and 1.1.1.4/29. The Idea is the ethernet interfaces 1 & 2 that are be bonded to ae will be connected to the two core switches (port 1 to switch 1 and port 2 to switch 2). After configu...

SMB URL File Logging acheivable or not?

Hi Palo Alto Experts, I want to know if we want to log SMB URL Blocked events then can we do in Palo Alto or not? Basically, the requirement is as below: Example URL if typed by compromise system is: smb://www.example.com/fileshare/malware.exe Right now I am only able to see Source IP, destination IP and Port, NAT information but full logging wo...

Add network to address group via CLI?

I am trying to add a network to an address group via CLI on PAN OS 9.1.X # set vsys vsys2 address-group XXXXXXXX static 108.61.41.0/24 Server error : static '108.61.41.0/24' is not a valid reference What is the valid syntax?

Outside interface listening on HTTPS "502 Bad Gateway"

I have this odd issue whereas one of HA Pairs seems to be listening on 443 on its outside interface for GP but I don't use GP and never had. I have a interface profile that allows HTTPS but not from any IP and when I disable that it still shows that page. no GP portal configured either. How can I stop it from listening on 443 for any source IP?

URL wildcard Pattern

Hello everyone, I need to block URLs that have a word pattern/string, It is possible to restrict certain strings inside the name of a URL?? for example the word "good" inside the website "www.goodwill.com" to be blocked ? I already try with Wildcards, any ideas on how to achive this ? block keywords for web browsing is this possible and how to d...

Data copying over Global protect VPN

Hello, I have one query:-If, I am connected with GP VPN and. I want to prevent the users can not copy files or data from the shared folder and server.is it possible?

Destination NAT for Route base VPN

We have an requirement to set up a route base VPN, but remote proxy IP subnet clash with an existing remote subnet. We are planning to use destination NAT, but not sure, how the routing will be controlled. Please help to solve this problem.

Palo alto routing query

Incompatibility Acrobat-GlobalProtect

Hi, Customer upgrade Adobe to versión 21.001.20135 and Global Protect stopped working. Issue is th esame like this:https://community.adobe.com/t5/acrobat/adobe-acrobat-reader-21-001-20135-preventing-users-to-connect-to-global-protect/td-p/11823885?profile.language=es Do you know if there is anything to do in Global Protect for this?