I have a set of 3020 that are lab that I need another set (for consistency) but the 3020 are not available for purchase.after today. Is there a way to switch these to prod (for an additional cost)?
Hello all. I have had an issue with PANOS since 7.0 (Currently I am on 9.0.2-h2) where the application id feature is not reliable in security rules. I can add a rule and for example lets say I allow ssl to 10.1.1.1 from 10.2.1.1 no user restrictions
...
Good day,
Inactivity and session lifetime forced logouts are not enforcing logouts on open clientless applications. Currently running 8.1.8H5 and have found that clientless application sessions are remaining open even after a forced logout. Going ba
...
Hi, have this problem since a few releases back.
Installed latest Globalprotect client for linux, currently 5.0.3. Install ok, runns ok but doesent activate and connect.
root@khazad:/home# systemctl status gpd
● gpd.service - GlobalProtect VPN client da
PAN OS 8.1
Monitor\URL Filtering
"Detailed Log View" (magnifying glass)
In "Details" pane
Clicked on the 3 dots beside URL to see the full url string, but no joy.
How can I see the full url there?
I am trying to setup site-2-site VPN between a Cisco router and PaloAlto 820 running 8.1.9HF4. Everything is working fine in IKEv1
but it is not working in IKEv2. Look like PaloAlto is not playing nice with Cisco devices. If I replace the PaloAlto
...
Hello,
It's possible to redirect some domain name (exemple: *.com and *.net) to tunnel VPN ?
I think that it's possible by creating address object and use by policy based forwarding for redirection, but I can't use wildcard match all *.com.
thanks.
I was surprised to know that PA 5050 does not support Pan OS 9.0
Anyone knows why it is that?
Hi,
I have a question regarding changing master key for firewalls from Panorama and its consequences. My situation is the following:
- Two Panorama servers in HA
- Two PAN Firewalls in HA (let's call it as HA cluster 1), already managed by Panorama
See
...
Hi All, Hope you all are doing great. I am facing some issues in working with terminal service agent. I will have a small intro on what I am trying to do. As of now, I am in the testing phase for implementing TSA in our environment. For this I am usi
...
Hello,
We have followed this guide:
https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClIPCA0
Decrypt portion is working well. However we are finding the custom category and its contents although set to block, are not blocking
...
Hi Team,
I have a query for URL filtering logs under monitor. i noticed logs specifically for http-proxy app and there i saw source address is public and destination address is private . I wonder how is this possible ?? NOTE :- This was observed whi
...
I have two IPSec tunnels configured. Traffic is flowing between a local interface and each of these two tunnels, but I can't seem to get traffic flowing between the two tunnels.
I have two sites Site1 and Site2, each with a PA and one external inte
...I've a query regarding Cisco Jabber connection with Palo-Alto. Below are my points. 1. Right now If any of our company user having Cisco Jabber installed in his/her smartphone & having Jabber profile on CUCM, he/she will connect via Internet on jabbe...
PavelK
on:
HA4 firewalls
reaper
on:
What does ch mean in PA-VM-OS Software?
OtakarKlier
on:
PCNSE Bootcamp
