Resolved! PAN-OS 9.0 -go live?
Hiho, has anyone 9.0 already on production units?I´d like to have your feedback regarding the release.Wait for first hotfixes / minor patches or go productive? Greetings
Hiho, has anyone 9.0 already on production units?I´d like to have your feedback regarding the release.Wait for first hotfixes / minor patches or go productive? Greetings
We have 4 PaloAlto clusters and a FQDN refresh works on 3 of the clusters but not the 4th. All objects are shared on the 4 clusters. I have tried: Scheduled refresh of FQDN failsManual refresh of FQDN failsChanged the FQDN refresh time.I can ping the DNS server from the Management Interface.If i ping a DNS it resolves.If I create a FQDN object i...
Hi,Recentely the firewall upgraded from 6.1.5 to 8.1.6 but after upgrading there is something strange, there is a allowed rule but in monitor tab it hit deny, i tried to move it to top but still the same issue ( Session End Reason: policy-deny ). Any help will be highly appricated Thanks
we need to do do ssl decrypt exempt for number of domains.this we are doing as per vendor requirement so that application can run without ssl decrypt 1>Need to know if traffic is not decrypted and end user pc gets infectedcan c2c in url filtering profile can block this traffic?we have action of c2c as block right now. 2>if for example the...
Have auth profile setup to use a TACACS server. VSA is passing "superuser" as the admin profile, but it is not giving me access to the CLI as superuser, only GUI. I know I could create another admin profile and grant access that way, but it locks out Admins and Admin Roles from the GUI. Is there anyway to use external auth and get superuser o...
The Paloalto firewall stop to download the dynamic updates since 28 Jan for Antivirus and 6 Feb for Applications, is that beacuse of the PAN-OS, should i upgrade 8.1.6. Appreciate your help Thanks
I saw a strange PAN-OS version on the support site software updates and wanted to know what this version is. What does the "h2" designation mean? 8.1.6-h2
I was wondering if someone could enlighten me on how to replicate the Mapped IP functionality from Juniper SSG to Palo Alto.We have a number of services on our current Juniper SSG. The way we firewall these services is using MIP's on the Untrust Zone then the traffic passing from Untrust to Trust using standard juniper policies. I was playing ...
Hi @reaper Do palo alto support SVTI like Cisco.SVTI configurations can be used for site-to-site connectivity in which a tunnel provides always-on access between two sites. The advantage of using SVTIs as opposed to crypto map configurations is that users can enable dynamic routing protocols on the tunnel interface without the extra 4 bytes req...
I've recently turned on HIP profiles for our windows users, checking to see if our patch management and AV is running by looking at processes. I need to do the same thing for some of our Mac users, but I'm striking out. What is the best way to verify something running as a process via globalprotect on a Mac?
Hey Community! I noticed that our Firewall (PA-3020, PAN-OS 7.1.6) does not serve an Antivirus/Anti-Spyware block page.When I use http://www.eicar.org/85-0-Download.html to test it, I can see that it is blocked.ThreatLog shows action "reset-both" but in the Browser (tested with Firefox 50.1.0 and IE 11 11.576.14393.0/Win10) I don´t get the desir...
Hi I have some inserted routes into my BGP for redistribution.firstly I have a NAT address associated with a loopback. I had a redis rule saying connected and added in the interface. That didn't add the ip address into the BGP tables, tried just the /32 that didn't work either ! so I went into the router and bgp and redist rules an added in /32 ...
On PAN-OS 8.1.2 I'm getting decrypt-errors when decrypting inbound traffic. I ran a test using SSLabs.com, and I found that newer browsers are requesting x25519 and getting a handshake error. It's showing that only secp256r1 are secp384r1 are supported. Does 8.1 support x25519 or plan to support it?
Hi , How to configure PAN to allow for the SFTP traffic over public ip. ThanksKM
I currently have a virtual Panorama on esxi running version 8.1.x in legacy mode. The VM is configured with a system disk and an additional 500GB disk for logging. The 500GB is proving to be not enough as I'm only able to keep a little of 1 month of logs. I have asked this question to support, but could not really get a clear answer. Is it pos...
| Subject | Likes |
|---|---|
| 4 Likes | |
| 2 Likes | |
| 2 Likes | |
| 1 Like | |
| 1 Like |
| User | Likes Count |
|---|---|
| 4 | |
| 3 | |
| 2 | |
| 2 | |
| 2 |

