Hello
i have read the articles regarding the types of ssl decryption:
https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClV8CAK
https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/decryption/decryption-concepts/ssl-forwar
...
Looking to deploy template stacks to all of our managed firewalls from our Panorama 8.1.x. I am wondering how to deploy STACKs with values unique to each individual in a HA (active\passive) pair. Some settings would include:
Hostname,
HA configuration
...
Hi All,
As above, how can l do that?
> view-pcap mgmt-pcap mgmt.pcap
Thanks,
Myky
Folks,
We have 2 Palo Alto FW and 4 aruba switches in the same area (area 0), we are noticing that the aruba fw is loosing neighbor relationship with the routers every couple of seconds 30-60 seconds. The configuration is very simple, an
...
Custom URL category is configured to block phishing URLs collected from Linux MineMeld server through EDL. For some reason adding filter "?v=panosurl" (https://10.9.0.60/feeds/phishing-url?v=panosurl) to retrieve URLs in PAN-OS supported format (malw
...
Just upgraded to PAN-OS 8.1.9 on our PA-500 a few weeks ago. Just saw that 8.1.9-h4 is available now. Wondering what the significance is of the "h" in the name of the release version.
I am new to customizing miners in Minemeld and am trying to create one for Azure's US GovCloud Ranges https://www.microsoft.com/en-us/download/confirmation.aspx?id=57063
Here is my code to creating the miner which i based off of a minemeld json miner
...
Hi,
anyone had issues after updating to this version?
We had strange behaviour accessing some websites stating that 'File Transfer Blocked' there was nothing showing in the logs.
We rolled back to 9.0.3 and problem went away. Possible bug ?
D.
Hi Team, I have completed BPA Day one Configuration and would like to merge those best practice with my Production configuration back. Please suggest the best way to implement. thank you
Hello,
We are a moderately-sized customer without an assigned sales or engineering resource due to account transitions.
We are in the process of moving to a new ISP and it has been suggested by internal resources, for other reasons, to utilize the s
...
Hello,
PA-3020 is falsely identifying some adobe-creative-cloud-base traffic as being a threat. I can't add an exception for this as the log view does not contain a threat ID as it normally would for a threat. All of my dynamic updates are up to da
...
if we have PA in vwire mode for troubleshooting purposes we can do pcap
Also we can do
debug dataplane packet-diag set log feature flow basic
I am migrating a configuration over from a Cisco ASA that uses multiple contexts and have several questions about how to replicate that in a PA.
1. The ASA's use port-channel groups and for the internal and external those are shared. On the inside in
...
With PAN OS 9.0 Does PA do cloud clookup for everydomain
or
only for domains which are not in DNS sinkhole of Antispyware profile?
I was told DNS security is a part of PAN DB so when clouds verdict is that particular domain is bad hows does this
...
Is it possible to turn off DNS lookups when performing packet captures on the dataplane?
I was hoping to run some pcaps, without taking up too many unnecessary resources through DNS lookups.
Thanks.
OtakarKlier
on:
Understanding URL Filtering security profiles vs Rule Action
OtakarKlier
on:
Qualys scanner blocked
OtakarKlier
on:
Split-tunnel not working properly
OtakarKlier
on:
Palo HA with LACP to Cisco Stack Switch
aleksandar.asta
BPry
on:
how to block facebook and instagram on mobile
