Automatic email alerts: Sinkhole and security policies

Hi Community,

This query is for PAN-OS v8.1.X

I am trying to generate an email alert when the firewall sees an (action eq sinkhole) event or when the security policy created to sinkhole an infected host is used. Email Profile(s) have already configur

BGP Peering Issue

Hi All,

I have an issue with maintening a BGP Establish connection. Essentially the setup is the Palo Alto to two peers to allow for resilience if one BGP peer fails. If one peer is established it stays stable. If I enable the path to the second peer

Custom URL category enforcement in URL column

I'm seeing some different behavior from our firewall on 8.0 code.  I've got a few rules setup wtih both security URL profiles, and the URL category column.  I've got a few custom URL categories made that match certain traffic.  What I'm finding is t

Palo Alto IDS Deployment

Hi!

Has there any specific document for PA IDS Deployment and best practices?

Thanks in Advance..

Bootstrap Component logs for Palo Alto Firewall instances

Hi

I am looking to know the best way to troubleshoot bootstrap process on Palo Alto virtual instances on AWS. We have followed the bootstrap package standards as mentioned in https://docs.paloaltonetworks.com/vm-series/8-0/vm-series-deployment/boots

Is there max concurrent session for GP with one ID?

Hi there,

One of my customer says when he establishes multiple GP tunnel from multiple iPad (iOS 12), when 4th tunnel is established, 1st tunnel will be disconnected.

His topologies are as below:

-PA is VM-300 with PAN-OS 7.1

-iPads run with iOS 12.2

-G

how to route different inside subnet to different outside interfaces?

the customer have added a extra isp router which i need to route a certain subnet through it for internet , the problem the default route 0.0.0.0/0 already route interent through the old outside interface , how do i route the specific inside subnet t

Cisco ISE and Palo Alto TACACS

Few questions here. 

Why do you need user local on the PA devices?

Why do you need those users local on the ISE box rather then allowing access from AD groups via ISE?

If the users are local then password changes are not possible when a user changes th

Office 365, 5 minute Session Expiring - Help!

Hi All,

New to Palo and wondering if anyone has any input on this issue. Our company has rolled out Office 365, but every ~5 minutes - a Session expiration pop-up comes up while any SharePoint document is open (web-based) - 

From my traffic logs, I'm

GlobalProtect SSO with Kerberos returns user display name

Hi Community,

I'm a bit confused by a internal GlobalProtect installation:

I configured Kerberos SSO and created an aut-sequence with Kerberos SSO and LDAP as fallback.

The customer is using a third-party Credential Provider (Windows 10) so we did the

Panorama Device Removal

I had to rebuild Panorama 7 on ESX as for some reason after a power outage the image could not be restored...

New installation completed and licensed but I cannot get the firewall 3020 to connect.

I have removed the Panorama settings from firewall an