Global Protect internal host detection is not working, when user is in branch office connected via to site to site vpn.

Case:
Global Protect VPN is enabled in HO PA220.
BO also have PA220, HO and BO connected over site-to-site vpn, 
If user is connected to HO LAN, internal host detection works and identify it as Internal corporate network.

And if user is connected to BO

Transferring PA (already registered) license to other PA (already registered) device

How do I transfer one of my PA-220 license which is already registered to other PA-220 registered as well ?

I might be able to do that if I can make one available in spare and then move my already registered PA-220 license to the spare device.

Apprec

Office 365 Reports

We are going to ingest the Office 365 logs. Has anyone written or come up with some query reports they like?

Browser not prompting/selecting client cert for GP portal

Does anyone know exactly what is needed for browser to either select or prompt for client certificae when connecting to GP portal?

I know you need a client sert in personal user store and certificate profile on GP portal.

But still i find the behaviou

WhatsApp calls/audio uncaught by whatsapp & whatsapp-base Palo rules

Hi,

It seems that WhatsApp calls use SSL and QUIC towards their servers and this is no more caught by whatsapp and whatsapp-base Palo Alto rules.

Example of use case: I called from an android smartphone on a limited access (whatsapp allowed) to ano

How to allow all the traffic from TLS V1.2 and above on firewall

Hi friends,

we have a customer who wants to block TLS version 1.0 and 1.1 and to allow all the traffic from TLS V1.2 and above on firewall.

Is there any option on palo alto firewall.

Customer requirement is that they need to block it from the interfa

Automation using batch file.

Is it possible to automate URL category configuration (Adding and removing an URL from an existing URL category)

by creating a config in batch file?

Clearpass cannot parse NGFW threat logs

I am trying to parse the threat log from NGFW 10.2.6 to clearpass version 6.9.11. Is there someone here perfected the Syslog Custom Format so that Clearpass can parse it? Currently, I'm using this format and still no good:

CEF:0|Palo Alto Networks|

PAN-OS 10.1 no Wildfire Submissions logs in WebGUI

Hi, 

I made upgrade on PA-220 to PAN-OS 10.1.0. After that the Wildfire Submission logs are not loaded in WebGUI. I only see the rotating progress circle in the upper right corner.

In CLI the Wildfire logs are visible 

>show log wildfire

Of course I have

500 Server Error for Miner nodes

Hello all,

I am currently receiving error messages on two miners within minemeld regarding the "Last Run" while trying to pull and carve out new IoCs. 

The message I get when hovering over the error is "500 Server Error: Internal Server Error "

PA-220 internet issue

Hi, 

I bought recently a PA-220 for home as I am very new on Palo alto in order to learn.

My current setup is the following :

ISP router -------> PA-220 -------> Netgear router 

I've set the zones, virtual router etc, policy. 

I am following that

PA OS upgrade issue and question

I am attempting an upgrade of my HA pair OS from 9.1.4 to 9.1.16 and am receiving the attached on the HA widget.  It says verify they are syncing in the upgrade doc but this doesn't look like it is?  Any help would be appreciated.  Thank you