Problems with GlobalProtect from China?

Hi,

  we have a user who spends a lot of time in China, but is having major problems getting GlobalProtect working while there.  Does anyone else have any experience running GlobalProtect out of China (to Norway, in our case), either positive or nega

Add config to cluster managed by panorama

Hi,

we have to add SNMP profile traps config to cluster PA. This cluster is managed by panorama and have the most of the config done in panorama. So we are thinking to add this snmp traps new config directly in the FW, so it would any issue is we app

cli scripting mode without strict check

Hi,

  sometimes you have set cli config that you want to paste in CLI mode but in some occasions 

order of the commands is not correct. For example something like below. For the following

to work address object must be above the group otherwise you will

Brute force not triggered

Hi,

I would like to stop (block) an ip when there are a number of failed logon attempts but I cant get it to work. The vulnurability signatures are not being triggered. The other day someone tried over 400 different user names against out owa. 6 trie

Minemeld faild to fetch CSVs

we are using PaloAlto to get CSV from :

https://d13206e4.paloaltonetworks-app.com/feeds/AF-Malware-Hashes?v=csv&f=confidence&f=sources|Name&f=indicator|malware_hash
https://d13206e4.paloaltonetworks-app.com/feeds/AF-Malware-Mutex?v=csv&f=confidence&f

Minemeld - Unable to Connect Miner to Processor

Please pardon my knowledge and experience with Minemeld.  A support Engineer forwarded me an interesting related project & Covid19 data.

https://github.com/tyson312/minemeld-covid-feeds

I setup a default Minemeld install and added the files from

SSL Decryption

We are doing SSL decryption in another Vsys for the traffic published over the internet based on SSL. We need to know if the high utilization is due to that SSL decryption happening in another Vsys ? as we are planning to move this SSL decryption set

Minemeld CentOS-can't delete prototype or node - ERROR DELETING: minemeld.<prototype> TIMEOUT

We are running Minemeld on CentOS7 (installed via Ansible). I am not able to delete any prototype or node that I've created. I get ERROR DELETING minemeld.<prototype/node>: TIMEOUT

Any idea what would cause this error and how to fix? I tried disabl

SSL VPN USERS LIMIT

Hi Team,

May I know, what users limit in Palo Alto PA-220, Currently VPN connection is maximum 21 (from 10.0.0.100 – 10.0.0.120).

But now, users request need more  SSL VPN users. What need to do is buy a license or what.?

Thanks

Block Hashes

how to block hashes in firewall . 

application override VS service

I have new application.

I need to know what is the difference between application override policy and the security policy by using the service port number both are stateful inspection firewall at Layer-4?

Service:
Allows you to select a Layer 4 (TCP or

Application Override Video & Voice

We have Palo Alto firewalls, version 8.1.x. We heavily use Webex (application and physical boards), Jabber, and MS Teams both in the Corporate office and by GlobalProtect VPN users. I'm considering using Application Override for many of these Voice a

How to physical link down when rollback

Hi, I am using the 5.x version of paloalto.

HA is Actvie(FW1) - Passive(FW2) configuration and use link group.

For example, failover occurs when the wan link goes down. (FW2 / Actvie)

When the wan link is up rollback.(FW1/ Actvie)  At that time, the ent

Upgrade Palo Alto via Panorama

Hello,

We have 100 Palo altos firewall that we would like to upgrade via Panorama to 9.0.7, I am trying to create a group based on the prisority of upgrade to push the device>deployment >software package. 

Is there a way from Panorama 9.0.7 to create