Require authentication via global protect when connecting to data center resources

In an attempt to secure connections to production resources. I would like to implement a policy that if you are for instance using SSMS to connect from one location to a database in the data center, that you first have to authenticate via global prot

Certificate based authentication for IOS microsoft intune intergration

HI @gwesson 

I have an issue in client based authentication for IOS devices.  I have imported the client certificate in windows and android it works same cert installed in iphone it shows an error client certificate not found. 

Recently, I have see b

BGP deafault route

Hi All,

I have a VSYS with two BGP sessions established - one eBGP internal and one eBGP external. Both are established to seperate peers.

My issue is when I look at the runtime stats in the virtual router the default route (0.0.0.0/0) is pointing (n

PA 5220 vsys HA Support

Hi,

we have a pair of PA 5220 appliances currently running only the default vsys (vsys 0) in an HA (Active / Active) Setup.

We would like to add additional vsys instances and also have each of the new instances running in a HA A/A Setup.

Would the HS

Problems installing on Ubuntu 16.04

I am trying to follow the directions found here:

https://live.paloaltonetworks.com/t5/MineMeld-Articles/Manually-install-MineMeld-on-Ubuntu-Server-16-04/ta-p/253336

I get to this step

1. Adding the repo GPG key

Add the MineMeld repo GPG key to the APT t

Packet Buffer OID VM-Series

Hi,

Anyone know what is the OID used in the VM-Series to extract the packet buffer (hardware/software) values?

In the MIB of  Palo Alto Products I only find this one, but I don´t know what it exactly extracts:

PA-VM: 1.3.6.1.4.1.25461.2.3.29

Any idea

HELP: Clients going 'under the radar' when CP is switched on...

We find that an increasingly number of students never get the captive portal auth dialog popping up once we switch on CP (when we are having a test or exam) for their subnet.  The dialog pops up as expected for most of the students, but there are alw

Subscription signatures off-line updates

Good afternoon, colleagues, I have three subscriptions: url filtering, threat prevention and wf500 signatures. How to update them off-line and is it possible to distribute these updates for the firewall and wf through Panorama?