I have question with SSL decryption.

Hi there.

Few days ago, I 'd changed one of my client's F/W .

Everything was okay but decryption wasn't working.

After few times, I found out what problem was causing that issues.
(added decryption profile and changed policies (service: application-defau

User-ID

Hello all,

currently, we are facing with a strange issue related to user agent. Scenario is that, once the user login to his/her laptop then tries to surf, e/she will get dropped by the firewall. After further investigation, we found that the time the

Global protect AD strange issue

I have a strange and critical issue. I have Always-on type global protect with cert based username and OTP authentication method on handful of user machines. I have set the captive portal timeout for 0 and enforce network access under portal app sett

Error when using stdlib.syslogMiner

Hi together,

I am trying to import PANOS-Threat Logs into MineMeld using the syslogMiner.

I have configured the Miner and the LogForwarding via Panorama and can see the incoming logs at the Minemeld instance using tcpdump.

Still I see no indicato

Question About Multicast Not Receiving, IP Flood (URGENT ACTION REQUIRED)

Hi Team,

we have done multicast configuration and we are unable to receive multicast through firewall PA-3060. Also whenever we did add our LAN interface into multicast configuration “ other IP flood” critical threat gets started into that particular

Moving Panorama M100 function to M500

Seems M100 does not support PAN OS 9.0

We have Physical M100 running as Panorama mode.

Also we have M500 running as Log collector mode.

Can we move config of M100 to M500 so they can manage all the firewalls?

Panorama 8+: Can you override EDLs in child Device Groups?

Currently running Panorama 7.1.  We'll be upgrading to 8.1 in October-ish.

According to the documentation for 7.1 and 8.1, you can create an EDL in Device Group A, and it will be inherited by all child device groups below it.  This is working.

Accord

High utilization caused by decryption

I dunno if anybody else has run across this or not but I just felt compared to share.  I have been having fairly continious performance problems with a 5050 cluster and last night I isolated at least one culprit that's been adding to that problem.  W

Dynamic Block List - Limit on number of entries?

I've been experimenting with MineMeld and love it - brilliant product 

That said, I'm struggling to get a clear idea what the size limit is of each blocklist.

https://live.paloaltonetworks.com/t5/Learning-Articles/How-are-Dynamic-Block-List-Entries-

move from 4 internet lines to one single internet line

Configuration changes in case we move from 4 internet lines to one single internet line ?

in Our Current scenario, We have 4 interfaces configured with 4 different Public IP address and each interface is linked to the different router( Internet),each

Palo Alto Core Firewall HA Active/Active

I have found some issues in running HA Actvice/Active as it relates to config sync. It appears when a red dot on the firewall and an Admin connects their default reaction is sync config. So I noticed that something that replicated to the active-secon

One Internet line Multiple intefaces

Hi Everyone
In my sinaro i have one internet line 10 MB and i have 5 zones configured in PA my question . and each zone for different purpose for example (IP SEC - Intenet -Email)

1-  how i can provide the internet to multiple zones with a multiple