General Topics

DigiCert SHA2 untrusted

We own a wildcard cert from Digicert for on-prem or cloud hosted websites. When doing decryption traffic to our websites breaks and i had to uncheck 'block untrusted certificates' to make it work. 

How can i keep blocking untrusted certificates and st

RDP To VPN Connected User

As the title, is this physically possible? 

Long story short, have a requirement to connect remotely to a company users laptop, which is  connected to GlobalProtect VPN... via remote desktop from another pc on the same companys LAN

Have attempted to

SSL Decryption every day more exclusions

Hi,

We are using a PaloAlto 3260 with PanOS 9.0.7. We have configured SSL decryption wich uses a certificate signed by our own Windows CA server. Each client in our environment has the Windows Root CA.

In the beginning (2 years ago) everything worked

Add prepends to a static route redistributed to BGP?

Hi all,

Is it possible to ddd prepends to a static route redistributed to BGP?

Loopback between two virtual routers are not pinging

I created two Virtual Router for internal bgp peering to export routes. 

Virtual-Router-1 - loopback-interface- 5.5.5.5/32 ; zone-five

Virtual-Router-2 - Loopback-interface-6.6.6.6/32 ; zone-six

security policy any-zone to any-zone is allow.

I am unable

Automatic updates broken?

Anyone else got trouble with Dynamic content updates??

• Failed to download due to generic communication error. Please try again later.
• Failed to download file

Incomplete Pcap - RTP

We are performing a pcap on our Firewall. We are capturing all traffic between two different Cidr's.
We see all of the sip information. We see full bi-directional traffic. We then see 2 RTP packets for each call then nothing else in the capture. The p

NGFW Routing & Switching VS Router Routing & switching performances

Hello,

As the NGFW supports routing & switching capabilities why do I need to add a router to connect to the WAN, I am mainly using OSPF and BGP  and MPLS in my router and all these features are present in a NGFW, I need to understand if I really nee

query URL Filtering DOESN'T WORK

Hi Team

I try since yesterday to check URL categories but service does not work.

Please check what's going on.

My browser give me:

502 Bad Gateway.

Thanks for advice.

Przemek

Using App-ID to block

I have a question about using App-ID.  Can you block an application just by using APP-ID.  I have a situation where my firewall is in a default allow environment.  I know this isn't a best practice but it is a complex environment and there are a lot

How to block bloody youtube?

Ok, the task is stimple. I want to allow only one particular URL accessible from youtube. Let's say the URL is this:

https://www.youtube.com/watch?v=-RyESqegW9Y&

I created a custom URL category and put this URL into it: *.youtube.com/watch?v=-RyESqegW9

PAN OS 9.0.4 BUG

Hi,

I cought a another bug on PAN OS 9.0.4. when we exporting NAT rules to whatever format PDF/CSV we are not getting proper output as expected. Its giving some garbage information alos.  

An Out of Memory condition occurred and restarted the process

In the system log.. receiving the below-mentioned error message frequently...

It's any bugs?

PA-850
SW Version 9.0.2

Error message (An Out of Memory condition occurred and restarted the process )

Credential Phishing with credential submission method as Use Domain Credential Filter

Hello team,

Customer has configured Credential Phishing with credential submission method as Use Domain Credential Filter and it does not work
The user id agent is configured on the writeable domain controller
But according to the below document to ena