Did you know that you can help your fellow community members by accepting solutions when a reply answers your question Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature
...
Hello,
We are implementing SSL Decryption to PA.
Because of this forcepoint agent (that is installed on theworkstation), the return traffic from the Internet (ie: facebook.com, etc) will be denied by the firewall as the SSL certificate has been chang
...
Need to know if PA Global protect can support 3rd Party Remote access vpn?
For example remote access vpn from modems using ipsec?
We need to support remote access vpn for some clients where the end user will not have the GP client installed on their
...
Hello,
We are using 4.1.0-98.
The clients at fault work fine through a tethered mobile, however when connecting to their home WiFi the connection is successful but nothing will work through the VPN.
Below is a log snippet. What exactly is going on he
...
The firewall has flooded the system logs with the following message:
Traffic and logging are resumed since traffic-stop-on-logdb-full feature has been disabled.
Software Version- 8.0.3-h4
Model: PA-3020
Disk space looks fine:
Filesystem Size
...
Hi all,
I'm having an odd issue. I have global protect configured and using Okta (saml) authentication. Now everything is working fine except that a handful of users have the wrong user-id. All users are expected to have their email address as the
...
Hello
Is there a way in which I can see which security rules are identical on 2 Palo Alto Firewalls?
Probably with Migration Tool or something?
BR,
RJ
The current PAN-OS GUI makes adding objects and zones on the fly very easy while building policies.
Unfortunately this sometimes casues unwanted side effects:
As an example, when building a security policy including the zone "Admin" I started typing "a
...
We recently upgraded our firewall to version 8.1.5 and noticed that SNMP data traffic monitoring stopped working. If we get de SNMP values, we receive this informations:
IF-MIB::ifIndex.9 = INTEGER: 9 IF-MIB::ifDescr.9 = STRING: ethernet1/4 IF-MIB::...
Anybody has hear about it and are PA firewalls effected by it. It seems they are making some changes to its functioning. Does PA application supports the said change?
https://dnsflagday.net
Hello,
I have been playing around with this setup:
- user connect to internal network with globalprotect
- initiating any connection to internal resources trigger ether a redirect to captive portal for MFA challenge or a global protect popup with the
...
Hello,
I changed a timeout value on an application and then changed it back to original setting, after this:
The application show up in a greenish color (like the support info button color) in ACC
The application lost its category and sub-category. Bo
...
need to confirm if i use rule with any any and no security profile does it do any layer 7 inspection?
is this same as app override?
I was given this design to implement on our PA 5050's. This would be to segregate a user segment (4500x-VSS) from the data center (7K's vpc). Can anyone tell me if this is a valid LACP connection? I have never seen it done without a Stacking or VPC l
...
Hello everyone,
The agency I work for is experiencing H323 call drops. After some research I found documentation here that Palos do not support H323 signaling when a gatekeeper is in call routed mode. The gatekeeper is currently in call routed mode.
...
This is for a lab at the moment, but want real-world advice in case I attempt it.
I had a portal and gateway setup for client SSL VPN and wanted to add LSVPN. Due to complete documents for each type of GP feature, but none combining the two, I went
...
reaper
on:
Tunnel Monitoring
reaper
on:
Global Protect need to ask for password all time we connect
reaper
on:
GlobalProtect Android version 13 issue
