Session Timeout Issue - Tunnel Active but User ID Authentication removes

Dear Team,

We are facing an issue in VPN where in Authentication of users is removed frequently at a random time.

IMPACT :

We have created Source User base policy - Hence once a user session is timed out, browsing of the user is impacted. User needs

Captive Portal + Global Protect

 Hi team,

How to make work the Palo Alto Captive portal after users logged in to Global protect. ?

Users who got connected to GP should get captive portal auth page while they try to use internet.

Is there any way to achieve this ?

Microsoft Edge is blocked.

Hi everyone! I have such kind of problem, maybe some of you have faced this.

I've blocked Chrome, Firefox and Opera, but it also blocked Microsoft Edge, which should work.

I tested deleting this application filters, which I created and found that the p

DigiCert SHA2 untrusted

We own a wildcard cert from Digicert for on-prem or cloud hosted websites. When doing decryption traffic to our websites breaks and i had to uncheck 'block untrusted certificates' to make it work. 

How can i keep blocking untrusted certificates and st

RDP To VPN Connected User

As the title, is this physically possible? 

Long story short, have a requirement to connect remotely to a company users laptop, which is  connected to GlobalProtect VPN... via remote desktop from another pc on the same companys LAN

Have attempted to

SSL Decryption every day more exclusions

Hi,

We are using a PaloAlto 3260 with PanOS 9.0.7. We have configured SSL decryption wich uses a certificate signed by our own Windows CA server. Each client in our environment has the Windows Root CA.

In the beginning (2 years ago) everything worked

Add prepends to a static route redistributed to BGP?

Hi all,

Is it possible to ddd prepends to a static route redistributed to BGP?

Loopback between two virtual routers are not pinging

I created two Virtual Router for internal bgp peering to export routes. 

Virtual-Router-1 - loopback-interface- 5.5.5.5/32 ; zone-five

Virtual-Router-2 - Loopback-interface-6.6.6.6/32 ; zone-six

security policy any-zone to any-zone is allow.

I am unable

Automatic updates broken?

Anyone else got trouble with Dynamic content updates??

• Failed to download due to generic communication error. Please try again later.
• Failed to download file

Incomplete Pcap - RTP

We are performing a pcap on our Firewall. We are capturing all traffic between two different Cidr's.
We see all of the sip information. We see full bi-directional traffic. We then see 2 RTP packets for each call then nothing else in the capture. The p

NGFW Routing & Switching VS Router Routing & switching performances

Hello,

As the NGFW supports routing & switching capabilities why do I need to add a router to connect to the WAN, I am mainly using OSPF and BGP  and MPLS in my router and all these features are present in a NGFW, I need to understand if I really nee

query URL Filtering DOESN'T WORK

Hi Team

I try since yesterday to check URL categories but service does not work.

Please check what's going on.

My browser give me:

502 Bad Gateway.

Thanks for advice.

Przemek

Using App-ID to block

I have a question about using App-ID.  Can you block an application just by using APP-ID.  I have a situation where my firewall is in a default allow environment.  I know this isn't a best practice but it is a complex environment and there are a lot

How to block bloody youtube?

Ok, the task is stimple. I want to allow only one particular URL accessible from youtube. Let's say the URL is this:

https://www.youtube.com/watch?v=-RyESqegW9Y&

I created a custom URL category and put this URL into it: *.youtube.com/watch?v=-RyESqegW9