Did you know that you can help your fellow community members by accepting solutions when a reply answers your question Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature
...
I want to configure my internal network to go dual isp with ecmp, isp Failover , VPN Failover and gp.
If anyone have any idea?
Hello everybody!
I have a problem with user identification and accordingly with security Policy.
In different computer, the same user is seen "user" or "domain\user".
The rules for work must have both type of user format. This is a big limitation.
Where
...
Today I got many critical alerts from Palo Alto Firewall.
Threat Type: vulnerability
Threat Name: Microsoft Active Directory DCSync Attempt Detection
ID: 54406
Category: info-leak
Content Version: AppThreat-8010-4662
Severity: critical
Does anyone has the
...
Hello, good morning.
I have a virtual firewall vm-300
I'm considering setting up the firewall in HA.
But the company where I have the dedicated servers does not offer me floating ip`s.
But they do offer failover ip's.
It is possible to mount a HA, with
...
Hi expert I would like to know shy after applied policy with HIp everything normally but why after I choose HIP Profile from any to no-hip found is can't access anything but connected normally
I've successfully configure SAML with a Shibboleth IDP for administrator access, however, the login process still requires two clicks : One to select SSO, and another to continue without a username. I'd like to provide a better user experience for a
...
I have created a rule which requires access to Adobe-creative clolud. This application is dependent on SSL and web browsing. Setting this rule to allow aslo grants access to websites like Amazon.com or general internet access.
Is there a way to make i
...
Hi all,
We have a standard IPSec tunnel one of our smaller sites with a strange issue related to the Proxy-IDs defined on the PA side of the tunnel. Our ASA side (10.7.0.0/16) is set to inherit all policy settings from the PA side, and our PA defines
...
Hello friends,
I have a question about saving my firewall changes and then applying them at a later date. What I want to do, is enter all my changes into a production firewall, but then not commit them. I want to save just my changes, ie a small con
...
Hi All,
i want to ask you about HSTS Session,
i just installed Captive Portal with Transparent mode because Palo Alto run in Virtual Wire mode, but Captive Portal can't intercept https session.
based on article : Captive Portal Not Working with HTTPS S
...
AHV is the Nutanix's Hypervisor that its custom base-on KVM Hypervisor.
I've tested run vm-series on AHV and its working fine , but Paloalto official support or not?
Thank you.
Hello ,
We have PA-3020 has a defined policy that deny any YouTube traffic , but unfortunately the FW doesn't recognize Youtube application-based policy which originates from Android phone and pass it as allow . I appreciate your comments if I can fi
...
I thought I heard earlier this year that there could be issues with the global protect VPN that are caused by upgrading to OS 8,0
We have problems with creating custom reports
We configured custom reports as we need pointing the time interval for one month but the report shows us only two last days of the previous month.
i can also show you
admin@PA-3020> show system logdb-quota
Hello Geeks,
During our compliance scanning (PCI-DSS External Scanning) process on our paloalto 3020 firewalls, the scanner found new vulnerability, "CWE-693 : Protection Mechanism Failure" and suggested to fix it ASAP to comply. Hence, I started goo
...
PavelK
on:
Clarification which update to use for CVE-2023-38802 (VM-100)
OtakarKlier
on:
How to configure ipsec vpn
