Resolved! Secure Renegotiation in PANOS 9x?
I'm seeing some posts stating that Secure Renegotiation is not supported on the Palo Alto platform. Is this still true for the latest release, v9.x? If so, how is it enabled?
Discussions
Resolved! Disable a tunneling interface ?
Hi all,
Is there a CLI command to disable (shutdown) a tunnel interface on a PAN firewall ?
Thank you
Regards
PA-3020 to PA-460 Migration
Hi All,
We are migrating one of our PA-3020 to PA-460 next Monday.
> PA-3020 is managed with the Panorama.
> Panorama is in the version 10.0.11 and the PA-3020 is in the version 8.1.18.
> Could you please help me with what all need to be considered
...Does PA fail closed by default?
I'll be darned if I can find any documentation that speaks to if/how interfaces are configured to fail closed if there's a system or interface issue.
Does anyone have a URL that talks to this?
Thanks, Jeff
IPv6 Support
Are there any updates as to if/when PAN will support DHCPv6 Client and IPv6 Prefix Delegation? This is preventing a purchase for me. Without the ability to receive an IPv6 address and prefix delegation dynamically on the WAN interface, this is a show
...access logs from bluecoat proxy to windows user-id agent
Trying to get bluecoat proxy to send its access logs to windows user-id agent. configured custom log on bluecoat in the following format
PAN Source=$(c-ip) Username=$(cs-username) Action=$(s-action)
On user-id agent side I am seeing server receiving
...Resolved! Possible to update password on a user by uploading a new config?
Hi, i am new to palo alto and firewalls really. I have been tasked to be able to make a script which automatically can change the password on a palo alto firewall. Is it possible to do this by creating a new config file with a new password and then u
...Global protect - external gateway blocking?
In the global protect gateway settings where you can select the priority by region does the firewall block connections from any regions that are not included there?
this is the article discussing the feature I’m referring to:
https://docs.paloaltonet
...Can't enable user-id on sd-wan zones
I need to enable user-id on panos sdwan zones - e.g. zone-to-branch. I can enable it in the template on panorama, but it doesn't change on the firewall when pushed. Everything else is working fine, so this is not and template/stack issue. Is this a s
...Resolved! Certificate based Site to Site VPN (IKEv2)
Hello Folks, I am trying to build a site to site vpn between a Palo Alto firewall running 8.1.7 and a Checkpoint firewall. Settings are configured to use IKEv2 only with certificate based authentication.
While the logs below are from lab setup, but t
...Resolved! Basic question regarding policy
Just trying to understand the policy a bit more.
under the policy | application, if I select FTP and select http/s under the service, I assume fw is expecting FTP to run on port 80/443?
hence, if I select app default on services, it will then expect
...Panorama in AWS
In an AWS environment which is making use of the TGW and GWLB, is it okay to deploy Panorama in a VPC that gets routed through GWLBe or should Panorama get deployed in the security VPC and have the route tables bypass all gwlb endpoints?
I'm wonde
...Resolved! Global Protect HIP Check- Real-time protection with Multiple Antivirus
Qn : If the Global Protect HIP Check have Multiple Antivirus and Real-Time protection enabled. Will it be a AND or OR check for each Antivirus? Because in a system Real-Time protection works only for one AV.
Resolved! Is A/P Throughput synchronized?
Dear Team,
I know that sessions are synchronized except for the conditions below in the A/P configuration.
-In Active/Passive mode, ICMP and host sessions are not synchronized between peers.
(Note: A host session is a session terminated on one of
Many government sites are not opening on paloalto networks. Same is opening on outside network
Many government sites are not opening on paloalto networks. Same is opening on outside network. Please suggest
-
OtakarKlier
on:
How can I get the CCATS for exporting in US
- JoseCortijo on: Is PA capable to scan for malware in Activesync/Outlook365 traffic?
-
BPry
on:
security policy in monitor mode only
- M.Anderson on: Minimum Code for PA-415/445
-
BPry
on:
The machine on which Cortex XDR agent is installed is not showing the Windows key (Start Menu) option.
-
Raido_Rattameis
ter on: GP Compatibility on Windows Server -
OtakarKlier
on:
Factory Reset
- dave.prentice on: Virtual Panorama upgrade do I use "m" or "pc" platform?
- GregGGHH on: Request help on Mac m2 and Windows 11 for VPN connection
- Netzer on: Firewallupdates via Panorama - huge delay in download and install
| User | Likes Count |
|---|---|
| 10 | |
| 6 | |
| 6 | |
| 5 | |
| 5 |
Copyright 2007 - 2023 - Palo Alto Networks