Resolved! Config Audit PDF Report

Hi all lovely people of Palo Alto Live,

I want to see if there is a way to generate a custom (or in-built) report for the config changes on the Palo Alto?

For example, the requirement is that a weekly report is needed on what changes are made by which

Resolved! Sectigo wildcard certificate problem for Globalprotect

Dear Community,

I've recently purchased a wildcard certificate, that I intend to use it on our firewall for globalprotect. It is a single device, and gateway is configured as external gateway (it provides only vpn access from the external world). I'v

Resolved! External Untrusted Site LDAP via NAT to Trusted Windows AD server

Hello.  I have reviewed a number of PA article and Live Video's and still am not sure my NAT and Security policy are functioning.

PA-220.

Below is the monitoring log I am seeing.  I expect to see 389/LDAP to complete and show some NAT details - which I

Resolved! User-ID Agents

Hi,

I'm digging deeper into User-ID agents, and I'm aware that I have two options; The Windows agent, and the PAN-OS agent.

If I have a Windows domain, and no other directory services, is the Windows agent the best choice?

Is there any benefit to conf

Resolved! Global Protect SMB traffic slowness

Hi Team,

We are using global protect to connect to corporate file sharing server.

Once GP is connected we are able to copy and paste the file from fileserver which is mapped in my local machine. But the issue is it is very slow. Like only 373Kbps tra

Resolved! Move VPN DHCP off Palo Alto

We are currently running DHCP off of our firewall for all external VPN users. I would like to move this DHCP to our 2019 windows servers. I have looked around trying to find out how to move this but can't find much. Can someone point me in the right

Resolved! How NAT Oversubscription works?

Hi experts,

I am trying to understand how NAT oversubscriptions works in Plao Alto. What will be its exact use case and how firewall behaves in default settings?

Resolved! Workaound for PAN-OS: Predictable temporary file vulnerability

There is no workaround available for this vulnerability 

https://security.paloaltonetworks.com/CVE-2020-1981

A predictable temporary filename vulnerability in PAN-OS allows local privilege escalation.

This issue allows a local attacker who bypassed the

Resolved! Block file sharing over RDP

Hello community,

Is it possible to Block File transfer over Remote Desktop

Resolved! NAT rules for Email exchange/Email Gateway

Hi Everyone,

I have two IP addresses used for inbound/outbound emails on our email gateway.

I have created the attached rules NAT and Security and I wanted to get opinions if its correct because I tested it and it seems something wrong that prevent em