Trouble setting up Proxy ID's for a S2S with a Checkpoint peer and continuous rekeys

Hello,

I'm quite new to PA and not much firewall experience.

We are having trouble with a S2S VPN with a partner who has a Checkpoint FW. The clients are on our side, the server is on their side.

What I see in our logs are constant rekeys for the IKE

arp Flooding

Cisco router is getting flooding from Palo Alto firewall

Source NAT is basic getting scan from outside random countries

We deal with users in other countries and blocking by countries will not work.

the ranges from outside to our public ip address

It

How to allow particular URL via Global Protect Split Tunnel and DNS should resolve for that particular URL.

Our BI team has snowflake setup in the azure, they have whitelisted on-prem public ip addresses and Global protect public ip addresses to allow the snowflake access.  We have a split tunnel GP VPN so tried with including domain and port number of the

Fuel Spark Event Discussion: AI in the Age of Cybersecurity (September 26, 2024)

Fuel User Group is hosting a virtual Spark User Summit on September 26: AI in the Age of Cybersecurity.

This special event, from 9:30 until 11:30 a.m. PT on Thursday, September 26, is dedicated to AI. Join us for an insightful update from Rob Ra

App and Threats 8896-8979 - Not identifying TCP 80 - web browsing

Anyone else having this issue with the most recent app/threat db? I am seeing lots of denys on tcp port 80 because it is not able to identify web-browsing on many applications.

-Nathan

How can I send Palo Alto Firewall Syslog as JSON format to a Syslog Server?

I have purcased a PA-440 Palo Alto Firewall. I want to send Syslog from it to a Ubuntu Server with JSON format.

I am sending Syslog from the firewall to a Ubuntu Server using "Device > Server Profiles > Syslog":

The syslogs that I receive looks lik

AWS NGFW currently at 9.18 and need to upgrade to 11.0.3-h5

Greetings, 

What I would to try is creating an new instance for the firewall on 11.0.3-h5 or whatever is available in AWS.   then import my 9.1.18 configuration.  Or would it be better to import device-state?  or should I just follow the normal upgra

PAN-OS

Name a version of PAN-OS that does not have a vulnerability. Ya that would be great

REST API to get XSIAM Incident Comments belonging to the incident

Messenger -> Incident Discussion

App-ID confusion and blocking spotify

Hello, 

I'm trying to work on a request to totally block Spotify on our network for 1 host (could be more in the future) and I thought App-ID would be the best option for this but since it depends on SSL and web browsing it's dropping all traffic when

Globalprotect auth certificate profile

Hi,

Question on global protect authentication certificate profiles.  On our gateways, I've had a certificate profile configured to prevent non-company devices from connecting.  Has worked great, no real issues.   However, this was only configured o