I am a little new to PA firewalls. My question is, with an expired Threat license, or no Threat license installed at all, is all the functionality of the AV and anti-spyware components not active? Customer has one with expired license, but I am try
...
Hi Experts,
I have a customer who wants to create new prototype for this customer.
customer requirement is very simple but, it's very hard to me.
first of one,
customer said spunk is using Rest API, below is feeds from splunk
curl -k https://s
...
Hi All,
I have an issue about sip/rtp traffic. Endpoints are using a calling application that used sip protocol . We have also enabled fragment feature in zone protection setting.I investigate this issue and when endpoint make calling, zone protectio
...
Greetings all,
I'm wanting to use the new Palo Alto provided dynamic IP lists to block known malicious or high risk IPs but, when creating a security policy, I can't seem to get it to appear in the list for selection. I've tried copy/pasting the nam
...
Hello all,
I am wondering if palo can identify and decrypt encrypted traffic on non-standard ports(other than 443)? In other words, does firewall decrypt all encrypted traffic traversing through that matches rule?
Hello,
We are not getting the list of individual users in the command: show user group name <name>
> show user group name "CN=adminstaff,OU=staff,OU=security,OU=Groups,OU=College,OU=Schools,OU=CEWA,DC=test,DC=edu,DC=au"
short name: test\adminstaff
s
...
the CLI command “show system resources” is show The Management plan cup useage,
but ,I found than The cli output cpu usseage is different with web ui show,
and the cli output is highter than web ui show.
why?
see the pic
Hi all,
Has anyone had success establishing a site-to-site tunnel between an PAN firewall and a Cisco Meraki Cloud managed firewall? I've been messing with it for most of the day and have not found much luck. I've added a third party peer on the Mer
...
I am trying to configure OCSP and I am a little confused.
I have added an OSCP responder.
It appears the second step is to allow the Firewall to use it by configuring Device-Management->Interfaces. However, for most of my settings, I am using a Ser
...
Is there any way to perform the minemeld install from behind a proxy? I am deploying a minemeld node in a datacenter where internet access is only available via squid proxy.
Thanks,
Nasir
Hello,
I configure a VPN tunnel between two firewalls Palo alto Networks . The tunnel status is up but the other network is unreacheable.
I configure the tunnel on the trust zone . I restart the firewalls without result . The first PA-500 with PANOS 7
...
Does anyone use AVG or Avast for their anti-virus requirements and how do you handle streaming updates?
It is my understanding that Streaming updates are updates that are pushed to endpoints by AVG/Avast? These updates are different from typical upd
...
While pushing policy from PAN to PA220 Firewall running 8.0.3
I am getting attached Error. We have around 6kplus object in that specific template.
As per PA support, 8.0.X pan version comes with a precheck that will not allow commit till the object cou
Hi,
I have following in my logs:
Threat tpye: file
Threat name: CSV file
ID: 52032
Severity: low
File Name: xyz.csv
For Vulnerability Protection and Anti-Spyware I know how to easily create exceptions for specific IPs/URLs. Is there a way to easily creat
...
We have had some requirements change since ordering this equipment and may change direction on where these new firewalls get installed.
Initially we ordered the 3260s for our hosted data center since most of the servers are located there and vendor p
...
on:
PA Migration from 3050 to 5220 Appliances
on:
WSL and SSL decryption
on:
Unable Sync Configuration between HA Pair after downgrade from PANOS 10 to 9.1.7
on:
how dose firewll to panorama log forwording?
on:
PPPoE session failed to connect for user:xxxx on interface:ethernet1/1. Reason: Timeout, LCP down
