GlobalProtect Prelogon tunnel and Portal authentication

Looking for assistance on a GP setup. I want to have a pre-logon tunnel (certificate, always on) and a portal, which uses SAML authentication.  I also need the user to have to re-authenticate any time they disable, sign-out, reboot, etc. The problem

Palo Alto and IBM Acquisition

Does anyone know the cutover date of Acquisition with IBM's QRadar and PaloAlto?

Disable and re-enable the 2FA for GP VPN connections

Dear community,

What is the best way to  temporarily deactivate 2FA authentication for Global Protect VPN SSL connections and enable authentication solely via LDAP server by entering the username and password, we aim to seamlessly reinstate the 2FA a

Unable to find the reason for packet drop

Hello,

In our Palo Alto the traffic is allowed on the firewall but it is not working. When we did packet capture we found that return traffic in drop stage. To find the cause of the packet drop I have set the filter using 'Manage Filters' in GUI th

Palo lato firewall is not fetching latest dynamic updates and software updates

Dear Friends,

We have a customer who is not able to fetch latest dynamic updates and software version.

we checked, ping reply is coming from updates.paloalto also address is getting resolved, 

we restarted device-server and management server also w

Slow GlobalProtect on PA-1410

Trying to see what might be going on with our PA-1410 after we upgraded to 11.0.2-h4 from 11.0.2-h1. We have tons of tickets for slow GP connections since that upgrade a few weeks back. We have a 1gb link and average usage is <100mb.

Users will co

PA-3410 Refer Latest Version and Upgrade Path

Hi Guy,

I am using PA-3410 PAN-OS version 10.2.8-h3, I want to upgrade the firewall to the latest reference version. Thanks to the team, please help me refer to the latest version of the current device and the upgrade path.

Github over 443? How do I allow on specific policy?

We have a specific rule to allow github based on PAN EDL of github v4/v6 addresses.  Git works over port 22 but not over 443 with the policy below.  I want to allow git over 443 on the policy below but not clear on the best way to do it.   Do I need

Moving BGP from Juniper router to PA 5410

Hello,

I'm planning to remove some older Juniper MX routers from the network edge and move the BGP peer configuration to an Active/Passive pair of 5410s.  There are two ISPs.  For now I'm just hoping to replicate the Juniper setup on the PAs.  Righ

Free online trainning course

are there any free videos for tranning? all the resources are based on  too much reading

trail license of

We are custome of PA. Need trial license.