HIP Checks for Browser Version

I have a customer that would like to limit GP authentication based upon browser version running on the clients.  They would like to collect all browser versions and then start blocking connections from clients below minimum settings.

Trying to figure

Panorama Task Manager History

Does anyone know how far back the task manager log should be in Panorama? I am seeing ~60 entries that go back only about 1 day in the GUI. The show jobs all command shows even less history.

Chris

How to safely allow downloading files from AWS CDN

Hello communities,

I am having problem and need to have your advice.

Currently, downloading files is not allowed in our network. However, there is a business requirement to allow download some report files (pdf, exel, word...) from a website which is

Global Protect Portal responding to Radius challenge

I have setup the Global Protect Portal to authenticate with a Radius server. 

I can see that it's working after submitting a correct username/password combination, but when the Radius server sends back a challenge for the user to enter a PIN for 2FA,

PA-220 radius authentication for management

Hi All,

I am trying to configure my PA-220's with Radius Authentication for management access am having some issues around the configuration.

The PA-220's are running PAN-OS 10.01.

I have created an Admin Role, Authentication Profile and a Radius Serve

what is the destination IP or URL to download the image for Palo Alto?

Hi, we need to upgrade the palo, can anyone please advise what is the destination IP or URL for downloading the image for palo alto firewall? thanks in advance. 

GP is unable to Sign In IPhone when Connect on Demand Option is Enabled.

Hi Team,

I have an issue that, When the Global Protect App is installed on an IPhone / IPad. We are unable to Sign-In / Connect to VPN if the "Connect to On Demand" option is in Enable state.

If we disable that option and then tried to Sign In / Conn

Integrating Minemeld Taxi with Cisco ESA

Hi All, 

I am trying to set-up Taxii output in Minemeld with Cisco ESA and I am receiving below error. 

The Warning message is:

THREAT_FEEDS: Unable to fetch the observables from the source: CofenseTaxiiMinemeld after 3 failed attempts. Reason

Inbound SSL decryption troubleshooting on PANOS 9

I am trying to configure URL filtering on an internal SSL web host and having problems.  I've found multiple videos and articles on both URL filtering and inbound SSL decryption but I cannot get it to work.  I've taken a step back and am just trying

PA220 HA shutdown problem

Hello, I have an active/passive PA220 cluster which unfortunately had a shutdown and now I want to find out what exactly the reason was.
At Monitor -> System: HA Group 1: Dataplane is down: dataplane exit failure
HA Group 1: Moved from state Active to

Integration of Minemeld with Cisco FMC (FTD and FirePOWER)

I am trying to integrate Minemeld with our Cicso FMC but no success.  I have creaed a new object in FMC to pull IOCs details from Minemeld server but its not getting data.

Need hlep here.

PA500 Restart Reason Log

I am trying to determine why a PA500 firewall was rebooted...i ran this command: tail mp-log masterd.log and got the below. I couldn't find any references for the restart reasons. How do i know if there was a power outage? Thoughts?

2018-11-28 13:37:

Expedition Tool Cisco to PA

I am having an Existing setup of cisco where all my ISP are terminated which is a standlalone device ,now migrating to PA 3220 with HA,but over here my ISP will be terminated on switch and from switch one cable to PA 3220 will be going...how do i mig