Rule to allow access for group of IP addresses

New to PA.  I'm looking to create a rule to temporarily allow access to any url for a group of IP's.

Floating IP for Active-Active pair VPN

Hi All,

I'm trying to configure a Floating IP for a VPN on an Active-Active pair of 5220's. I have the Floating IP configured with the Active-Primary Device Priority 1 and Active-Secondary with Device Priority 100. The Interface IPs for both devices

Palo Alto connection Virtual wire drop User VPN anyconnect

Hi everyone,

I am facing an issue where I setup my PA-850 as a transparent mode (virtual wire) and set the policy as default to allow all the traffic. Connection of my PA-850 is in between router and core switch. I can see all the traffic is passthrou

PA NGF SMB bruteforce behavior

Hi, 

Im wondering what is the behavior of SMB bruteforce vulnerability alert from PA FW. Vulnerability id (40004) SMB brute force seems to be triggered by a child signature 31696(SMB login attempt). Question is the child triggered every time there wa

Session End reason & Application Status

I would like to know about Palo Alto firewall Session End reason, why we are getting those reasons & how we can resolve the issue.

For example:

tcp-rst-from-client—> it mean the client sent a TCP reset to the server.

tcp-rst-from-server—> it mean the s

User-ID - Active Directory Keeps Sending Domain DNS and NetBIOS DNS

Hi Community,

Having a headache of an issue lately and I believe it to be an issue on the customer environment rather than a setting configuration on the firewall, or software issue in PAN-OS e.g.

I've little experience with enterprise active directo

Bypass/Disable Policy for destination address.

I want to make a policy/rule to bypass/disable policy in case of certain destination ip addresses. There is a way?

Wildcard (* .) Based Policy

Hi All,

I have a bit confusion about Wildcard based(*.) policy on PA firewall. If we have to apply policy for *.mysitexyz.com as destination for port 443, will there be any additional configuration require to achieve this or have to follow traditiona

Bluecoat GlobalProtect

Hi guys,

Does anyone have any news with Bluecoat working with GlobalProtect? There is a Bluecoat proxy before the firewall, and GlobalProtect through this proxy does not work. Without it, it works. Just want to know if anyone has any information at a

MineMeld on Ubuntu 18.04

Hi,

Is MineMeld supported on Ubuntu 18.04? There doesn't seem to be any documentation or mention of Ubuntu 18.04, we've ran into issues trying to set it up as we were trying to rely on the 16.04 guides but Ubuntu 18.04 has changed quite a bit from