Restrict GlobalProtect connection from a single Linux computer

Hi everyone,

I must to implement some VPN access control based on computers. By this way, a user will only be able to connect to VPN if agent is executed from a specific computer.

I have read the documentation but I don't find if I can restrict the c

Https traffic to http

Hi Guys,

I have a webserver hosted for public access using http. Now I want to know is it possible to NAT traffic entering to palo alto as https from outside to http as inside.

So user will try to connect server using public IP on port 443 their port

User-ID in multiple vsys failing for vsys2

Both vsys1 and vsys2 are using same agentless settings and are accessing same DC servers. While vsys1 shows as connected vsys2 shows nothing under status and system logs show 'connect-server-monitor-failure'. I have rechecked password in both vsys bu

Globalprotect - supress version mismatch popup?

When a client uses a version (4.1.13) different to what is available from the gateway, they see a popup prompting them to upgrade/downgrade.

How would I go about turning off this popup?

Microsoft CRM Dynamics - Retreiving IPs from a site

Hello everyone!

I'm attempting to retrieve the IPs on the following site;

https://support.microsoft.com/en-us/help/2728473/microsoft-dynamics-crm-online-ip-address-ranges

I copied a prototype - and it has the following config -

• con

GlobalProtect Client Certificate not Found

Hi All,

I am trying to demo pre-logon and am really struggling with the client certificate authentication side of things.

I've generated a Root CA on the firewall which has been imported into the Personal and Trusted Root Stores of the machine.

The po

Traffic monitor not showing up all of the sudden

PA3050.  All of the sudden, after working for years, the traffic monitor stopped logging at 13:41 CT.  Traffic going through the firewall as normal.  Policy hits are still going up in number.  Anyone seen this?

unable to create a log forwarding profile with office 365 account

Hi Team 

I have an office 365 account and i am trying to create a log forwarding profile for the Gmail or office 365 when I place the smtp.gmail.com 

we are facing issue fail to send the gateway smtp.gmail.com

Porting to Python 3

Hi all,

I was wondering if, given that the end of support for python 2 is scheduled for January 2020, is Minemeld porting in python 3 expected?

Thanks.

THREAT ALERT : high : 169.254.254.238 -> 169.254.255.255 Microsoft Windows NAT Helper DNS Query Denial of Service(31339) alert

Hello Team,

We got the below threat alert from the panorama and not able to understand the most of the part , like source and Destination . Both IP looks the outside my network but still its showing the rule: Outbound_Default_URL_IPS . One of my outbo

Cisco Policy Based VPN - ProxyID Query

Hi everyone,

I am receiving the below error on a Palo to Cisco policy-based VPN.

'IKE phase-2 negotiation failed when processing proxy ID. cannot find matching phase-2 tunnel for received proxy ID. received local id: 10.45.33.253/32 type IPv4_address