To all, Just wanted to post a message about the Hot Topic right now, which is Covid-19. With all of this going around, everybody's health and safely is the utmost concern. Keeping your hands clean, washing your hands (A LOT), using hand sanitizers, a...
Hello I'd like to copy one application group from Unit1 to Unit2.On Unit one:configure run set cli config-output-format set show application-group WiFi-appsIt gives me somethning like:set application-group WiFi-apps members [ adobe-update apple-push-...
I trying to understand what gain we have from having our vCenter server monitored by our PA 3020 firewall?I reading about it here, but not understanding it.https://www.paloaltonetworks.com/documentation/71/pan-os/web-interface-help/device/device-vm-i...
In the below code - I"m using the API to query the URL logs. It works great. What isn't returning though is the src.user field, if it's mapped. How can I get this value? Do I need to do a separate query? JP # Build PAN API Connection and get token pa...
Hello everyone. Got a question to the community on an interesting situation: - PAN-PA-3050 / PAN OS 7.1.10- Drop Counter increases on two aggregated interfaces (ae3 - interfaces 1/3 & 1/4) - connected via Cisco vPC tech with a Nexus FEX switch- new p...
Can PaloAlto distingvish between DropBox and DropBox for Business ? We are trying to make rules that denys DropBox, but allows DropBox for Business.
Hello Brothers, Plz i want make a POC with one of our clients, but i need to know what's th best practise for putting the PaloAlto in TAP mode !!i mean:1-what's the rule policy that i must create ?? must enable all security profile ?2-must make dycry...
Hello allis it possible to put timestamp in user activity report for chronology?I am checking the Including detailed browsing but i can not see in the report which user or group of users at what time went into some resource
Hi Guys, I have slight confusion about the working of URL filtering i.e once u define the URL Filtering Profile on any rule how does the URL or any website gets catogorised,i mean how does the PA knows that this website belongs to this category. I kn...
hello i am new to palo alto i recently configured bgp on my palo alto pa 500 device and my bgp peer is getting connected and then after a minute it gets disconnected and the bgp state becomes active. also i am using md5 key for authentication. could ...
I'm probably missing something simple, but I can't figure out what. I have GlobalProtect Portal setup on the datacentre (DC) firewall. I have GlobalProtect Gateway setup on the office firewall, with XAuth enabled. I can connect to the Gateway using t...
I have customer using TMG holding public ssl certificate for mail . The mail server doesnt have ssl certifcate.Customer wants to eliminate TMG and using palo. Can palo hold the cert to authenticate the ssl . Mail serversits behind the palo in trust z...
Hello all, Here is my question. Can I configure on the same firewall one global protect profile to only authenticate users based on certificates and a separate profile to authenticate users based on their AD credentials? Currently I have authenticati...
Hello,is anyone using ocsp as single app in a rule ? It's sometimes failing to match, seen as "web-browsing" although on very easy to recognize URLs such as ocsp.comodoca.com. Quite annoying when you debug a third-party software failing to setup beca...
Hello guys, I have a couple of PA-820 (PanOS 8.0.3) who has been imported to be managed via Panorama.Since that, everytime I make a "Push to devices", they lose the association between 2 interfaces and the zones and I need to fix them manually. I gue...
Hello. We have such kind of problem. This user has allowed privilege to visit this category and the other one, but PA very frequently identify it by ip, not the username (with User-ID). we use agentless client for mapping between PA and our AD.The pr...
on:
want to know options to disable GP connection
on:
Can PA-220 support 3000+ users with one user ID group mapping
on:
Configure Session Timeouts particular source or destination ip in Palo Alto
on:
Panorama Serial Number Change (unable to) As log collector is using different Serial Number
on:
Configuration checks against CIS security benchmarks
on:
Traffic Thourhg the intended Security Rule
| User | Likes Count |
|---|---|
| 34 | |
| 18 | |
| 16 | |
| 14 | |
| 10 |
