Website getting blocked

Hi Team

We have PA 220 firewall with 8.1.5 PAN os version.

We have tried to reach one particular website but its not reachable. When we checked the traffic logs that application was shown as "incomplete" and the end session reason was aged-out.

Note

Palo Alto Firewall Packet Capture on drop state

Hi Team, I have an issue in production for SMTP traffic, when i do packet capture in Firewall for drop state, could see packet are getting dropped in syn packet

Co-related Events Logs Gathering

Hi,

How can we gather the Beacon Detection logs for Co-relation logs in our Syslog Server.

Regrads

Karthikeyan Balamurugan

Display SSL/TLS version in traffic logs (app coloum), instead of just (ssl)?

Hi 

is there a way to display SSL/TLS version in traffic logs (app coloum), instead of just (ssl)? i have worked on another firewall vendors it's too easy to deteremin SSL/TLS version for troubleshooting instead of packet capture for many many custom

How to upgrade a Panorama server from 7.1.x to 8.1.x

Hi,

How to upgrade a Panorama server from 7.1.x to 8.1.x. Also, I heard about the log migration after upgrading to 8.0. So what should be the procedure to follow for this upgrade. 

ipsec site to site vpn

Hi,

Do I need a tunnel interface for site to site vpn ? 

If yes How can I do that and what is the benefit 

Thanks 

firewall using wrong LDAP attribute to find user in active directory

Hello Community,

I´d like to check with you the following issue:

created a LDAP authentication profile which is not working, when using the "test.... " command I get an authentication failed with "Received empty DN for user User12345"

I made a traffic

Orange attack on GP

https://blog.orange.tw/2019/07/attacking-ssl-vpn-part-1-preauth-rce-on-palo-alto.html?m=1

Any word from PA on this ?

Why is decrypt failing for this site

Hi

myeverythingdisc.com

my PA's use the unsecure CA..

tring to work out why.

Last I checked there was no log so ...

GP client fedora certificate

HI,

We are trying to go up a VPN using Global protect client in fedora device. We have read that global protect 4.x requires that the certificate be signed by a trusted CA. Our certificate is self-signed. So we have GP client version 3.1.x because we

Current stable release for PAN-OS 8.1

Hello,

I was hoping someone would be able to tell me what the current stable release for 8.1 is? I am planning to upgrade from 8.0 in the next couple of weeks. I see that 8.1.8-h5 has been available for over a month so was wanting to check if this or

site to site ipsec vpn question

Hi,
I have cisco cucm  on Head Office and Branch there is phones also 
cucm server ip is 10.0.2.10 and phones are head office also in the same network . And I want phones in branch also in the same network ( it 10.0.2.10 ) 
Can I achieve these using ips