ransomwaretracker.abuse.ch was discontinued on Dec 8th, 2019

Since then my RW-IPv4 & RW-URLs nodes are empty and I'm getting the system message: "Either EDL file was not updated at remote end or Downloaded file is not a text file." Is there an alternative to ransomwaretracker.abuse.ch?

Production issues with 9.0.4?

Hello Community!

Has anyone made the jump to 9.0.4 on their production firewalls? I have read the release notes and installed it onto my lab unit. Just checking to see if anyone has had any issues outside of what is in the release notes. Currently we

Reboot / Shutdown options not displayed in Web UI if Role-Based Admin is used

Hi,

I have created a role-based admin account with all rights enabled for the Web UI and superuser rights enabled for the CLI.

After login to the Web UI using this account, under Device -> Setup -> Operations, the reboot/shutdown operations are not dis

Query about admin credentials

Hello Team,

We need your support to provide specific access to system admin user. We need to provide access one of system admin only for configuring VPN user & create system admin user. Kindly confirm can we create a custom admin profile for above ta

Not able to normalize UPN name retrieved from SAML assertion

Hi Team,

We have configured SAML SSO authentication for Global protect. Microsoft Azure has the active directory we have configured it as identity provider and service provider as Palo alto global protect. Trust established between Idp and SP and we

Repos Used By MineMeld Ansible

I'm attempting to use the MineMeld install on github to install MineMeld but need to know the repos I need to allow on or Palo Alto URL Filtering solution in order to obtain access. We currently block access to freeware-shareware sites so when I atte

1 user cannot authenticate to global protect

I have global setup and running and we are using DUO access gateway SAML for authentication.

All of my users can login fine EXCEPT 1 user who successfully authenticates to duo, but then just gets an authentication failed message from our global protec

Restrict GlobalProtect connection from a single Linux computer

Hi everyone,

I must to implement some VPN access control based on computers. By this way, a user will only be able to connect to VPN if agent is executed from a specific computer.

I have read the documentation but I don't find if I can restrict the c

Https traffic to http

Hi Guys,

I have a webserver hosted for public access using http. Now I want to know is it possible to NAT traffic entering to palo alto as https from outside to http as inside.

So user will try to connect server using public IP on port 443 their port

User-ID in multiple vsys failing for vsys2

Both vsys1 and vsys2 are using same agentless settings and are accessing same DC servers. While vsys1 shows as connected vsys2 shows nothing under status and system logs show 'connect-server-monitor-failure'. I have rechecked password in both vsys bu

Globalprotect - supress version mismatch popup?

When a client uses a version (4.1.13) different to what is available from the gateway, they see a popup prompting them to upgrade/downgrade.

How would I go about turning off this popup?