Fighting the cli ... sigh - how to import a cert via the cli

Hi

So, silly me I manage my cert in panorama, so when my int CA for my management ports came up for renewal, i renewed, and pushed out to all the devices ... except for my panorama 

now I have cli access only.

I have found the location 

configure

panora

Vulnerability Protection Signature for CVE-2020-0688

Is there a signature yet for CVE-2020-0688?

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0688

Internal Gateway configuration problem

I'm using PA-3220 firewall.

Ethernet 1/1,1/2,1/3,1/4 is connected to main switch, Cisco AP, Internal router and server 10Gb switch.

I setup a GlobalProtect internal gateway for using User-ID and used vlan 1 (192.168.1.2) as the gateway and Portal's IP

Use Google Apps as User-ID Identity Source

Fellow Engineers -

Wondering if there is a way to integrate User-ID with Google Apps, such that a school that has deployed Chromebooks can use the students' existing Google login IDs to identify the users on the Chromebooks.  Does anyone know if this

Authentication Sequence not working

Hi All,

I have successfully tested Authentication policy using LDAP, MFA (Okta API), SAML and RADIUS (Okta). I am working on the redundancy scenarios wherein if Okta fails, the fallback would be LDAP. I am using RADIUS (Okta) and LDAP in the Authenti

Chromebooks user-id ?

Has anyone tried to get a userid authentication from users with Chromebooks?  We are evaluating Chromebooks to be used in a laptop cart setting in our school.  I don't want to fall back to a portal login if there is any way I can get a current user o

Can we configure shared gateway on a VLAN or subinterface?

Can we configure shared gateway on a VLAN or subinterface? And HOW that vlan / subinterface can be used for Internet connectivity from different VSYSs? 

Please share the supporting urls for the same as well.

Cannot open support ticket for Azure VM series

Hi All,

We cannot open support ticket for Azure VM series.

The issue is that we cannot choose devices ( azure vm series ) in support portal.

Traffic Logs have an http_category without a destination hostname or URL

I am seeing a pattern where I observe an http_category in my pan:traffic logs where log_subtype=end but there is no dest_hostname or URL. Is it possible that Palo is classifying based on IP address? We are not decrypting SSL traffic in this instance

Troubleshoot VM Panorama with multiple interfaces

Hi All,

We have few virtual Panoramas running 8.1 that are needs to managed firewalls into two different zones with no connection between them. For that reason we have configured the Panorama with multiple interface.

- The mgmt interface in used for a

MineMeld install on 16.04 fails with i386 architecture support

Ubuntu server LTS 16.04 running on VMWare Workstation Pro 15

After running the repository command:

sudo add-apt-repository "deb http://minemeld-updates.panw.io/ubuntu xenial-minemeld main"

When I run the update:

sudo apt update

I get the follow