To all, Just wanted to post a message about the Hot Topic right now, which is Covid-19. With all of this going around, everybody's health and safely is the utmost concern. Keeping your hands clean, washing your hands (A LOT), using hand sanitizers, a...
Under the URL category of "educational institutions"(set for alert) we are generating a enormous amount of logs identified with an application of “windows-remote-management”. I currently have modified that category to "allow" which eliminates all log...
Hi, wondering if someone might know how to see counters for flow_fwd_mtu_exceeded for a specific interface. Our firewall's global counter is increasing using this command: show counter global filter packet-filter yes delta yes but I'd like to know wh...
Hello, in the followind doc, Firgure: Single Default Log Collector per Collector Group.Looks like we can assign Firewalls to send logs to the Primary Panorama, Also it looks like we can assign firewalls to send logs to only the Secondary Panorama.htt...
We have 1 user who is abusing Youtube. I need to block this person from YouTube but still allow this person access to google.comI tried a URL filtering policy but it also blocked access to google.com.Is there a document or a video of how to perform t...
I manage our active/passive HA pair of PA-3050 firewalls currently running PAN-OS 7.0.8. These were migrated a few years ago from PA-2020 devices that were put in by a previous network administration regime. Our current network administration team is...
Greetings, We've had several Wildfire Alerts that show both the source and destination addresses translated yet NAT is not configured. For the subject data flow, the source is an external network for which we have no control. The destination is our c...
Hi, I have a Panorama M100, the device lost connection, neither couldn't be access by console, so we don't make any changes. Then we reboot and connect keyboard direct to appliance and we choose option F1, whit that, the device Started working and re...
I created a security policy for Office 365 using the application IDs. When I commmited, it said that SSL required, but I already have SSL/web-browsing in another policy below. During testing, I found that the 365 policy was not catching any 365 traff...
When we try to setup an Skype for Business call we always get blocked by the SSL decrypt of the Palo Alto system.I would like to configure no ssl decrypt for collaboration. Is this possible and how?
How can i know the version installed in UserID agents server from Palo Alto???? i tried show user user-id-agent statistics but Version shows the protocol version, not the real version client UserID https://live.paloaltonetworks.com/t5/Learning-Articl...
Hello Experts I have two firewalls cluster, managed by panorama. One cluster is for perimeter firewall and other is core/DC firewalls. I have three customers and I created three vsys (CUST1, CUST2 and CUST3) on both clusters. Now what is the recommen...
What is the order of sequence in email Threat Alert generation between the receive_time and the time_generated fields?
Hello I have itha pair, both password changed. the primary device's ticket closed automatically, but the secondary's was still open. password match thoughbut... request high-availability sync-to-remote running-config <<-- would that be valid to sync ...
I have users on 3 different local AD domains. We are consolidating, but in the mean time, users have been able to connect to the GlobalProtect VPN and browser network resources. A few weeks ago one user emailed me and said he is connected to VPN, but...
Need help with IKEV2 packet exchange document.
on:
Advanced URL Filtering Eval expired - URL filter stops (persistent)
on:
Terminal Server agent internet not working
on:
Unlink FW to panorama for doing changes
