Resolved! Upgrade to PANOS 7.1
I'm looking at getting a Palo Alto used. A lot of the units are pan os 4, 5 or 6. For a PA-500, for example, can I get a 5.x OS and upgrade it to 7.1? Does this require a support contract to upgrade it?
I'm looking at getting a Palo Alto used. A lot of the units are pan os 4, 5 or 6. For a PA-500, for example, can I get a 5.x OS and upgrade it to 7.1? Does this require a support contract to upgrade it?
I recently adding a new syslog destination at this new to me site and noticed something I hadn't seen before. That is that the sending of syslog data according to PAN Monitoring is send sporadically and in big bursts. For example when I added the new destination not long after the PAN sent one GB of syslog to all the destinations and then one sm...
Hi there Is there any known issue with Dynamic Updates? Our firewall can't get updates in the last 4 hours. The last update we got was around 4pm (GMT+10). The traffic log is showing incomplete. 'show url-cloud status' shows Cloud connection: not connected. Thanks.
PA running 8.1.9 we have rule from any source any zone do not decrypt financial-services category.CLI test test decryption-policy-match source 10.x.x.x destination 23.249.200.33 category financial-servicesMatched rule: 'No_Decrypt' action: no-decrypt Traffic log shows decrypt error URL log shows no decrypt.
I'm in the process of implementing User-ID and want to parse syslog logs. the predefined parse profile don't appear to be a match, as I'm looking to pull syslog from my domain controller. However, my Active Directory team can't provide me with a sample of the syslog event or tell me the type of syslog (regex or field) being generated. So I'm loo...
Hi All , I ma having firewall managed using Panorama. I am trying to verify security rule on firewall itself using below : config show rulebase security rules <rulename> , however its not showing any output . Could you please confirm if this is correct way or i am missing something here . Thanks ..
Hi, We have a legitime application which is running a script. This script and the chain is detected by traps as threat. So we would like to configure an exception for this cmd.exe --> cscript //E:JScript //nologo "C:\ProgramData\signature\sign.bat" So its possible to add this exception? where it can be configured?
Hello Team, Three year before ,One of my customer is generated the certificate from linux machine and sent it to comodo for third party sign.Now they got new palo alto firewall and he is trying to install that certificate on palo alto but while installing certificate we are facing "Mismatched Public and Private keys" I have one more doubt that, ...
Hi,We have a use case where, upon detection of a session with an unknown userID, we'd like the Palo firewall to interrogate an external service via REST API for the UserID/IP address mapping. I appreciate the normal way is to prepopulate the Palo or UserID Agent servers with data from external sources, but this is not possible in this case.Any ...
Hello Team, Please let me know how we can enable all disabled application in faster way.During dynamic updates of Application and Threats customer clicked on 'Disable new apps in content update,' so there are total 700 application disabled and i found only two way to enable on both way i need to select disabled app manually one by one.
Palo Alto Firewall has following configuration. set deviceconfig setting management initcfg dns-primary x.x.x.xset deviceconfig setting management initcfg dns-secondary y.y.y.y I was trying to change DNS ip address to another ones, but I couldn't.It was giving me "Invalid syntax" error message."initcfg" option was not there when I check command ...
Hello Community, I am new to palo alto. we have deployed some firewalls in our company. I am trying to configure globlalprotect on the branch offices to add more gateways. I have an extra internet connection at one location and wanted to know if its possible to configure global protect on one of the interfaces. the firewall is currently behind a...
I use both but running into an issue with Lab specific traffic where I will allow a list of applications with service set to ANY but the PAN classifies some 443 traffic as (for example) 'windows push notification' or 'soap' but I am not allowing either of those APPs so it drops it. I am allowing web-browsing and windows push/soap both use tcp/44...
Hi everyone,I have a connection issue using GlobalProtect. Could anyone help me?Thanks a lot
Howdy everyone, We have a strict internet usage vlan where users can only hit an Approved List of URLs that we manage through Panorama. The issue is that some of these fights reference Google as part of the CDNs so we've had to allow them in to the Approved URL filter. This has been working for a long time, but a few users learned that they can...
| Subject | Likes |
|---|---|
| 4 Likes | |
| 2 Likes | |
| 2 Likes | |
| 1 Like | |
| 1 Like |
| User | Likes Count |
|---|---|
| 4 | |
| 3 | |
| 3 | |
| 2 | |
| 2 |

