General Topics

Need Help deleting files on PAN /dev/sda8 and /dev/root

Hi All,

Need help on how to free up spaces on the below partitions on my PAN device, support cannot seem to figure this out. Please help..

Filesystem Size Used Avail Use% Mounted on
/dev/root 4.0G 3.4G 407M 90% /
none 4.0G 56K 4.0G 1% /dev
/dev/sda5 24G

install PanHandler on Windows 10 system.

Published install instructions for PanHandler are for MAC and Linux systems.  I run Windows.  Here is how I installed PanHandler on my Windows 10 system.

Install Docker for Windows from the Docker Hub -- https://docs.docker.com/docker-for-windows/ins

Device certificate

Hi all,

     I want to know, what device certificate is for and what it does?

Thanks !!!

"source user" empty in monitor log

I'm looking at an old version 7 PA3000 which uses a user-id agent to map users (active directory) to IP addresses.

When i log onto the firewall CLI  a "show user ip-user-mapping-mp all" command returns what looks to be a valid list of user mappings. 

Disable Cipher Suite

As of the pen test via SSL LAB  i was observed that less secure ciphers like DES, RC4 were supported by global protect portal ,so that i have disable the all the weak cipher suite and it's successfully done but the when i disable CBC-256 Suite when i

How to inspect email contents within outlook.office365.com?

I have decryption turned ON for outlook.office365.com url but firewall cannot really inspect the contents that are inside the email. Is it because Microsoft encrypts the email and Palo doesn't know how to decrypt it? has anyone tried decrypting outlo

Strange behaviour of HA pair active passive

Today i've noticed a strange behaviour of HA pair of Pa820 (panos 8.1.6) in Active passive configuration.

In the dashboard page i've noticed the running config not in sync with peer.

So i checked the differences with the diff button and i discovered th

PAN-OS 8.1 Partial IPs Captive Portal redirect not working

Hi Everyone

I have some problem for Captive Portal redirect.

PAN-OS - 8.1

SSL decryption - enable

Authentication - Active Directory

IPs - 1000+-

Platform - 3250 Series 

the problem is partial IPs cannot get captive portal page to authentication, but parti

Dashboard we don't want to see global protect client version

global-protect-client software need to remove from "currently activated" in short we dont need to see any activated global-protect-client software in NGFW.
Tried to delete but unable to see delete software image i.e cross sign which has currently acti

Policy Configuration hostname

i want to configure security policy based and want to allow access only by end user hostname...can we do that?

Clientless VPN and bypassing the Guacamole admin login page

Hi,

In the middle of POC testing accessing internal servers via RDP, using Clientless VPN and Guacamole. The Clientless VPN and Guacamole side are already set up and working fine.

This is how I would like to see the POC working:

1. External users conn

External BGP Static Route Advertisement, with Path Monitoring an inside net

I have an existing LAN with two data centers. The firewalls at each are not in a cluster, and have different internal/external connections and tunnels, so changing to active/active it not possible. They each have separate DMZ's right now.
We need to b