General Topics
Showing results for 
Search instead for 
Did you mean: 
General Topics

Forum Posts

Resolved! GlobalProtect, Working from Home, Prisma Access and Covid-19

To all, Just wanted to post a message about the Hot Topic right now, which is Covid-19. With all of this going around, everybody's health and safely is the utmost concern. Keeping your hands clean, washing your hands (A LOT), using hand sanitizers, a...

jdelio by Community Team Member
  • 41 replies

Suspicious Packet with MAC address all zeros

Hi All, I monitor networks for my client, recently I discovered some suspicious outbound traffic from internal to a known malicious host, although the packet was dropped on the PA. the logs I have showing that the packet's source IP as the internet's...

sum0831 by L1 Bithead
  • 3 replies


Who can provide me with a from scratch python script to create a new firewall rule? Im not looking to use pandevice or any of Palo Alto modules on github (my compnay will not allow us it import and use it.) Looking of a script that doesn't use pandev...

GP Agent not receiving split tunnel networks

I am doing a PoC to replace a Web Proxy. The VM is in AWS and the idea is to use the GlobalProtect agent on all the PC's and Mac's in our offices to send all Interent traffic to the VM and the Internet to utilize the PA URL Filtering, Wildfire, etc. ...

Resolved! Subordinate CA creation for SSL Decryption

Hello, I am attempting to set up SSL Decryption on a new firewall and trying to create a Subordinate CA with our internal Microsoft Certificate Services. I am in the process of generating the CSR on the PA, but I am a little confused on what the Comm...

GP for many external clients

Does anyone have a good solution/setup for providing external clients with VPN access? Not regular users/company employees. We need to be able to provide these external clients access to different resources internally. IE webpages, server access usin...

Resolved! Seperate URL categories for free and paid web hosting?

Hi, We are seeing an influx of phishing mails trying to send users to sites hosted with free web hosting services. On of the things we've done to combat phishing is blocking access to unknown domains, but every subdomain of a free web hosting provide...

as-mg by L3 Networker
  • 1 replies

Firewalls in HA, how bring them in Panorama

Hello I have a HA Active/Passive pair of Firwealls in 7.0.5 and Panorama 7.1.9I need to import configuration into Panorama. The process below is not clear if I need to do that for both firewalls

Kaliman by L2 Linker
  • 1 replies

GP-AD user password expiry

When setting up a Global policy object for a Paloalto globalprotect user/group , the maxpwdage attribute does not match the, the password expiry date sent for Paloalto user, This can be confusing to know when the password actually going to expire for...


PA-500 SSL decryption decrypt-error session end

I apologize of this is a dumb question as I know that some sites will have decyrption issues, but is it normal to have a lot of traffic log entries with decrypt-error as the session end reason? None of our users are complaining that they can't get to...

gwosad by L0 Member
  • 4 replies