General Topics
Showing results for 
Search instead for 
Did you mean: 
General Topics

Forum Posts

Resolved! GlobalProtect, Working from Home, Prisma Access and Covid-19

To all, Just wanted to post a message about the Hot Topic right now, which is Covid-19. With all of this going around, everybody's health and safely is the utmost concern. Keeping your hands clean, washing your hands (A LOT), using hand sanitizers, a...

jdelio by Community Team Member
  • 41 replies

Resolved! DNS proxy sharepoint domain issue when cache enabled

Hi there, i have some issues with my firewall when using dns-proxy with enabled cache. I cannot resolve sharepoint domains e.g., but when I disable the cacheoption everything works fine.Does someone have any suggestion how I cou...

Chris.Ka by L1 Bithead
  • 9 replies

Resolved! Can't find user for security policy rule

Having a bit of an issue but can't seem to pinpoint the solution.. When I go to add a security policy rule, under user, i cannot find specific users. However, when I go to the traffic monitor tab, I can see the user mapping is working from the User-I...

MikeC by L3 Networker
  • 4 replies

Resolved! No serial no or Auth Code on VM

Hello All, I want to create support account to license my palo alto vm. But while registering it is asking for Device Serial no or Auth Code and Sales Order no or Customer ID, wheareas i dont have any of these. My PA VM does not show serial no. Snap ...

CLI/API command to verify Panorama push diff

Do you know of a CLI command or a rest API call to push and to show the changes of configuration to be pushed to a firewall from Panorama? I am trying to automate the process, but could not find any references.

batd2 by L3 Networker
  • 1 replies

SSL inbound inspection not working for SMTP

I'm running PANOS 10.0.2SSL inbound inspection for a web server is working but for a seperate SMTP server it is not.Both use the same certificate.Both use the same cipher suites.Two seperate decryption rules wihich are clones of each other, only the ...

Han.Valk by L1 Bithead
  • 1 replies

HTTPS to HTTP Redirect

HI Team, Is it possible to redirect the traffic from HTTPS to HTTP. As my webserver is using HTTP. We outside user connect it's it's should be redirect to Please advice

Resolved! LDAP Rights Query.

Hi Guys, To create the service account in AD, which is utilized on the device. we know that below rights are needed.- Distributed COM Users- Event Log Readers- Server Operators My query is why it necessary, what it's justification to be a part of thi...

Resolved! Link down between Firewall and Syslog server

Hi all, I'm looking for any KB or official document that explain the log forwading behavior when link between FW and Syslog server is down. As I understood that PA firewall will not resend the the log at the moment of link between them is down to syl...

SDWAN Zone Mapping

Trying to make sure I understand this correctly. For each zone to used within the SDWAN they must be mapped to the pre-defined SDWAN zones. For the following example would this be the correct method of mapping: Pre-SDWAN zones (same zones at all site...

Resolved! Upgrading heavily used PaloAlto Firewalls

Hi, I am about upgrade some PaloAlto firewalls with 10s of Vsys but wondering what would be a good report to generate to identify traffic flows for pre and post checks as well as identifying impact to services. any help will be appreciated. Regards,

qasim02 by L2 Linker
  • 6 replies

Resolved! GlobalProtect Max tunnel count ?

HiI'm doing a global protection test.And we created the External Gateway and the Internal Gateway.And for the Internal Gateway, we didn't set up the Tunnel.If so, wouldn't it count to the Globalprotect Max tunnel provided by the equipment?In case of ...

URL Categories and SSL Decryption

I'm having an issue with URL Categories and SSL Decryption. I have two decryption policies; the first is a no-decrypt policy for URL Categories matching "financial-services" and "healthcare-and-medicine," and the second policy is a decrypt-all for se...

Request a Signature for CVE be Mitigated

Is there a proper way to request a CVE be mitigated by the Palo firewall and added to the Threat Vault? I have read the conditions for a signature being added, but it doesn't tell you where to request one.

RMaine by L0 Member
  • 3 replies