Unrusted Cert Warning on IE
We have created SSL cert for the PA web gui from our internal CA.When we access PA web gui via Chrome it is good. When I use IE it get the cert untrusted cert warning message?How can i fix this ?
We have created SSL cert for the PA web gui from our internal CA.When we access PA web gui via Chrome it is good. When I use IE it get the cert untrusted cert warning message?How can i fix this ?
I have a strange issue. I am setting up a new 850 HA pair A/P To the outside world is a LACP Aggregate, connected to a HP switch. All was going well when testing, I can ping a dummy device (laptop) fine on the outside switch from the firewall. But when I connect to the firewall to the upstream router, pings to google all get ( DUP ). If I conne...
My Requirement is to configure email alerts so that I will get email notification when my firewall got shutdown automatically , rebooted due to any cause .Previously I configured high alerts but that was also throwing unwanted alerts so please help me in fine-tuning this
I have an SD-WAN device at my internet edge that will be doing the NATing for the network. This is so that the device can decide which of 3 ISPs to use to forward traffic. My Palo Altos sit behind this device and will do the firewalling and URL filtering. I did not deploy in vwire mode, I cant seem to get traffic to pass through so my quesiton i...
We have two F5 devices configured as active standby behind PA. The issue is on failover F5 failover ARP table on the PA is not updated quickly enough for smooth transition. Is there a way to mitigate this problem and increase ARP update time for that interface only.
I am seeing this in my system logs. IKE phase-1 negotiation is failed. Couldn't find configuration for IKE phase-1 request for peer IP 172.250.246.42[500]. How can I block this? I been a Cisco guy for a longtime and new to Palo Alto. On my old cisco asa I could block an ip at the control plane like this. access-list cp-outside deny udp host 172....
Hi all, just got this case, where the client shutdown the Panorama 8.1.5 for maintenance. But once reboot, and login to the device he will not see the ">". if he performs any commands there are outputs. But the prompt is missing. He reloaded the device and has been is this state for over 24hr now.Usual CUP load is 5% on their network. But now...
Hi Team, The primary NTP server toward Microsoft NTP Server(172.27.35.111) and also Configured the Cisco router(172.27.9.253) as secondary NTP Server. All the Network device is synchronized with secondary NTP server (172.27.9.253 ) but paloalto firewall not able to pull time information. Can anyone help to resolve this issue. Thanks
I have clicked on run now on 30 day custom report and below is status show report distributed-states reportid 6314Last Updated Time : 2019/05/30 09:48:32Current Report State : RUNNINGCummulative Docs Processed : 15318545-----------------------------------------------------------------------------------------------------------------------------...
Hello, everyone,Currently I have the problem to build an IPSec tunnel between a PA200 (A) and a PA220 (B).My one side A has a Telekom hybrid Internet connection (its a german product with LTE and cable connection) to a Speedport router. Thus only one dynamic official IP.The other side B is a normal company connection with a fixed IP address. I h...
In an event of failure of this stand alone deployed Panorama box (log collection and device management) from where will the firewall gets the the templates(Networ & device settings) information since I dont see this information in the local Firewall device config file.is it ideal to manage the devices settings (HA, Admin roles, Authenction p...
Hi all, We currently have GlobalProtect setup with HIP policies to check for configurations on laptops and computers, which works perfectly. Now we're looking to support GlobalProtect for our mobile devices by using more HIP policies to restrict mobiles to iPhones, and a few other checks. However, I've recently noticed that anything related to M...
Hello I've succcessfuly been using Minemeld for some time now and I'm looking to further implement it We currently have TAXII output working to our SIEM, however it just outputs basic data <stix:Indicators><stix:Indicator id="minemeld:indicator-fec078bf-881f-4c89-96d1-7138468b2954" timestamp="2019-05-20T22:10:27.149987+00:00" xsi:ty...
Hi folks. I need to configure a L3 iterface with a trunked conenction to my core switching infrastructure - twos eperate VLAN's on the one physical interface which MUST be seprate VLAN's, security zones and IP ranges. I can't figure out if I'm mking this work right - I add sub interfaces tot he physical interface configuration, and they are tagg...
My MM version is 0.9.52and VM Version Ubuntu, o365 miner is not working. and erorr blow.. minemeld-engin.log why not connect? Only endpoints.office.com not connect...
| Subject | Likes |
|---|---|
| 4 Likes | |
| 2 Likes | |
| 2 Likes | |
| 1 Like | |
| 1 Like |
| User | Likes Count |
|---|---|
| 4 | |
| 3 | |
| 2 | |
| 2 | |
| 2 |

