Resolved! show system setting ssl-decrypt certificate -----No inbound cert

show system setting ssl-decrypt certificate

Certificates for Global

SSL Decryption CERT

global trusted
ssl-decryption x509 certificate
version 2
cert algorithm 4
valid 171204224608Z -- 221204225608Z
cert pki 1
subject: NGFW-2
issuer: Root CA 2
serial number(19

Resolved! Cannot retrieve indicators from FS-ISAC feed

I recently created a feed over at FS-ISAC for my organization, and I'm able to connect successfully from within MineMeld, however I am not receiving any indicators. My initial_interval is set to 30d and when I test using 'taxii-poll' from the shell ...

Resolved! Using Same layer 3 network with different vlan tag

Need to confirm if we have layer 3 subinterface say 

network 11.11.1.2/24  vlan 100

network 11.11.1.3/24  vlan 200

It is possible to do this on  the PA?

Resolved! SSL forward trust option

Hi,

We have a certificate generated by RapidSSL as CA. but we can NOT set this certificate as a forward trust certificate to use in Decyption SSL, the option shows disable. Roots is in the list "default trsuted certificate authorities".

Why the optio

Resolved! JSON Parsing - ProofPoint

Has anyone been able to get ProofPoint TAP logs into MineMeld?  I think the issue I'm having is with my JSON configuration.  Here's what I have so far but it's not pulling any indicators.  I've tested my query on http://jmespath.org/ with sucessful r

Resolved! Allow application facebook before denying application facebook-chat

Need to block facebook chat and allow Facebook for some user group.

i was reading this 

Allow application facebook before denying application facebook-chat

Does it mean block facebook chat first then allow application facebook?

Resolved! Custom App signature and App pushed from PA update

What if we create creates a custom application containing Layer 7 signatures.

And after few days the PA send the Latest APP and  Threat updates and we download those in the PA

What will happen if the update contains an application that matches the sam

Resolved! GlobalProtect stopped to work after appliance reboot

The GlobalProtect Portal/Gateway had been working perfectly until tonight I have restarted the Palo Alto appliance.

After - I was not able to connect. The portal page - ERR_CONNECTION_TIMED_OUT.

I tryied to load older configs, I have even reinstalled

Resolved! PA-220 - bidirectional NAT - how to get a Nintendo Switch to work online

Greetings,

I am trying to create the NAT IP only rule as outlined here.

https://www.ericooi.com/palo-alto-firewall-home-network/

I have a single External WAN interface Etherenet 1/1.

I am wondering how the referenced NAT SOURCE Translation interface

Resolved! About Threat and Wildfire submission

Hi all and specialist engineer, I would like to know sometimes I'm doubt about monitor wildfire submission and threat which wildfire is shown in a monitor (ref: wildfire portal ) but why threat does not show even though same both a file name and typ

Resolved! IPSec P2P VPN Tunnel not working

Hi,

I am trying to terminate on PaloAlto VM-100 (8.0.13) an IPsec tunnel.

It seems that the other side is not able to connect at all. We have checke all IKE settings and they seem OK.
I am using a Loopback interface with an external IP address (exactly