Allow outbound web traffic by exception by session while utilizing authentication

Is it possible to block all outbound http/https traffic on an authenticated per-session basis instead of a per-client basis? I currently have my PA setup so that it will only permit web traffic after authentication (using captive portal), however thi

Kerberos SSO PAN-OS 7.0.1

Hello,

at the moment I'm trying to set up a SSO Auth with the Admin Web Interface (and Captive Portal). I set it up like the documentation of PAN-OS 7.0 told me. I tried different Crypto types but all with the same error.

1. Log in to the KDC and open

Change password for TACACS user

Hi all,

Is it possible to allow Firewall administrators (authenticated via TACACS+  running on Cisco ACS) to change their expired TACACS passwords when they're logging in to Web UI of the Firewall ? 

Cheers,

Marek

Globalprotect portal not found

Hello,

I'm having some issues connecting with globalprotect with one laptop.

The 4.1.10 version was installed . Tried with 4.1.12 and 5.0.2, same issue.

I can connect via the browser without issues. install and uninstall a few times with no luck...

IP Sec VPN Failover Paloalto FW – Cisco IOS

Hello!

How to configure a backup VPN?

The main VPN configured and worked, path monitoring worked 

Better user web traffic reporting?

Reaching out to the community to see if anyone has a solution for obtaining nice pretty VP readable reports for user web browsing traffic history that works well with the PAN firewalls? The URL report on the firewalls is overwhelming and requires a l

How to allowed only specified youtube video URLs and other videos are block

Dear All,

I have follow the below articles but it does not work properly.

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClGzCAK

Please let me know if there is any other alternative way to allow the specified urls.

Thanks i

STIX/TAXII feed not working for otx.alienvault.com

Hello,

I tried to create a STIX/TAXII miner for otx.alienvault.com. I used the default MineMeld taxii client for this(minemeld.ft.taxii.TaxiiClient) and the new client minemeld-taxii-ng(taxiing.Miner).

The first client does returns the error ' module

Route Reflectors

Is there more details on the route reflector options? The documentation is pretty vague. 

what is enable sender side loop detection? What is bidirectional peering?

Panorama in NSX deployment not showing interfaces within the template

Hello community!

I have an issue you maybe can help me with:

I´m deploying PAN-VM firewall on NSX and noticed that the template where I added the VM doesn´t have interfaces.

The VM is connected to the Panorama and the template is in sync, I push a new

ConnectionError: Too many connections

Hi,

I'm using outputs feeds from minemeld in my Firewall and I have seen the next:

1. If I try to retrieve an output with 142 or less indicators, it works. The Firewall shows the entries from minemeld output node.
2. If I try to retrieve 150 or more indicator

scheduled reports are not being generated

Hello Community!

I have an issue with scheduled reports, they are not being generated. I send a "test email" and I receive it, I reboot the Firewall and I receive the scheduled reports for some time but then it fails again. I´m running PAN-OS 7.0.1