GlobalProtect reports Machine Certificate (null) but it isn't...

Hey all,

Recently upgraded to PAN-OS v9.0.3 and GlobalProtect is no longer working for some.  Error messages in the system logs are showing GlobalProtect portal client configuration failed...  Machine Certificate CN: (null) for those that fail but als

TCP issues when moving an application through a Palo Alto FW

Hi,

Following scenario:

we have a 2-level Firewall Filtering / Security Setup active in our infrastructure, with a Cisco ASA currently acting as the Internet Firewall (updated to the latest Cisco ASA OS version) and an internal Firewall (Checkpoint a

NAT PPTP VPN

Hello, im trying to set up a NAT rule for a PPTP VPN tunnel.

I have set it up like this:

Source: untrust

Dest. zone: untrust

Source address: Any

Dest. address: lets say 20.20.20.20/32

Service: any

Source Translation: None

Dest-Translation:20.20.20.20/32

Secu

TLS 1.3 support

Hi everybody,

any news regarding change of decryption from passive to proxy mode to support TLS 1.3 decryption?

Thank you,

Jan

Palo Alto lab devices

Hi guys,

I was assigned to work on a project with involves working with Palo Alto appliances a lot. I have never touched such a firewall before, so I am planning to get two (or more) devices for my home lab and experimental use.

Do you think the PA-20

Problems with panorama and paloalto ACC No data display

Hello good afternoon

I have a problem with my panorama and a Palo Alto HA, in the panorama the complete traffic is not visualized and in the ACC no data display.

Already apply these commands

> request log-fwd-ctrl device <serial number> action stop
>

Question about Global protect Pre-Logon Issue

Hi,

I configured GP pre-logon method, But it’s only working in administrator mode even though the user is part of administrator group, it’ not working for normal users.

I followed below KB article,

https://knowledgebase.paloaltonetworks.com/KCSArticle

On boarding Large Numbers of Firewalls Using Panorama and Bootstrapping

I am working on a project which will involve deploying a large number of PA220 firewalls to branch offices. This will happen over a period of time with probably around 30-50 branches per phase of work. These branch firewalls will be managed using Pan

PA-3020 SSL Decryption Query

Hi, I have enabled SSL decryption (forward proxy) on our PA-3020 firewall. The certificate is generated from our CSR and is installed on our PA-3020. I have set up a separate forward trust and forward untrust certificate. The forward trust certificat

PA Configuration File Format Conversion

My organization creates PA firewall configurations in "set" format as they are easier to read and peer review.  It is very cumbersome to then put this style of configuration into the firewall itself. Is there a program/utility that can convert this t

How to get Applications using XML API

I am trying to get a list of applications, or a single application using the XML API. I have tried the following:

api/?type=config&action=get&xpath=/config/shared/application

api/?type=config&action=get&xpath=/config/shared/application/entry[@name='ic