General Topics

Resolved! custom url filter action continue and ssl decryption

i have configured few custom url and action is set to continue.

for some https websites i get response page and when i click on continue it works fine.

for some https websites chrome shows error connection reset.

PCaps on PA does not show any drops.

tra

Resolved! Command line

I have come accross and article that show some of the CLI commands for palo alto but there aren't that many listed. When I call into support they are able to come up with som many more anyone know where I can get a larger listing?

Resolved! Tunnel monitoring using internal src to external dst?

Is it possible to monitor VPN tunnels using an internal source IP on my tunnel interface and the external IP of the other system? I won't always have control/access to the other side of the tunnel, I may only know the local subnet(s) and the external

Resolved! Use public email server for Email gateway

Is it possible to use a public email service, such as gmail or outlook, for the email gateway in the Server Profile? 

Or must this be an internal SMTP server?

Resolved! IKE1 tunnel up without interesting traffic

i have configured the ike1 tunnel with ASA.

Right now there is no interesting traffic passing.

i initiated the traffic via cli to test the tunnel 

i see on gui under status - tunnel info and ike info both are green also i see tunnel interface is gree

Resolved! PAN-OS 9.0?

Is there a list of features somewhere that PAN-OS 9.0 is supposed to support?

Rumor is that 9 will support true HA in Azure with session persistance, but cant find anytihng on it, and curious how that will function with Azures lack of L2 support.

Resolved! Which IP address should I use for IPSec tunnel monitoring

Hello,

I made an IPSec Tunnel with Fortinet device, and it has some issue.

So I want to set tunnel monitoring for the tunnel, but I'm confused about the destination IP.

I set my tunnel interface ip(192.168.88.1/24), but at fortigate, it's not set.

I

Resolved! 8.0 HA Failover and IPSec VPNs

I am getting ready to do a failover test. Runnig a pair of PA-5220s in HA Active/Passive.

I see posts asking about what happens with IPSec VPN connections, but they are a few years old. Just want to confirm that with 8.0 the failover is still seamles

Resolved! global protect client --- software not updating on user pc

i have upgraded GP with latest 4.1.6

client is connected but he software on user pc is 4.1.4

i refresh the connection still client pc is sitting on version  4.1.4?

Resolved! GlobalProtect Initial configuration

How are people configuring their PAN for clients to grab the inital GP configuration?

Currently, the laptops are being imaged with Windows 10 and automatically connect to our internal network via certificate based authentication. GP is set to automat