If you've visited LIVEcommunity anytime recently, you've probably seen a pop-up asking for your feedback. We've deployed this survey since April 2020 for new and returning visitors alike as a way to gather feedback from our users.
In the past six
...
So I know that one can go into the GUI and easily update the MOTD, problem is I'm not usually in the GUI for anything on my devices. Does anybody know how one can update the MOTD through the API or CLI, I could have sworn that I found it in the CLI a
...
Are there any Automation white papers in regars to Palo Alto and automation tools. Outside of VM Series, Lambda, and Tufin Orcharstartion suite?
Hi folks,
Trying to figure out if there is a way to clear a Commit in PAN OS 7.0.5-h2?
I see there is mention of it in the PAN OS 7.1 New Features guide.
https://www.paloaltonetworks.com/documentation/71/pan-os/newfeaturesguide/management-features/com
...
Hi,
We have a site A with PAN Firewall and site B with Cisco 5510 ASA. IPsec VPN tunnel is built between these 2 sites.
In certain occasions, we have the ISP site B network link up, but the users is experiencing no internet in siteB. As it is only a
...
About a month ago, I upgraded PAN-OS on our main PA-3050 HA cluster from 7.0.8 to 7.1.8. This also required an update of the User ID Agent I had installed on a Windows 2012 R2 server from a 6.0.x version to a 7.0.x version; I upgraded to version 7.0
...
I feel I must be missing something obvious with the SaaS report. I have set a schedule up to create it weekly and if I hit "Run Now" I get the nice graphical report, but if I view the output of the scheduled run , I get a very plain tabular list of
...
Hello everyone,
Blocking the URL below would be in the right format? Without the http:// or https://
www.spotify.com/sg-en/download/other
It just got me confused a bit with the "TIP" displayed in the URL Filtering Profile screen, putting a slash at th
...
Is there an easy way to convert a Cisco ACL to PAN format. Right now I have a 70 line ACL and it looks like each ACL will require 14 set commands. At this point I'm thinking it might be easier to just enter the 70 ACLs into the PAN via the GUI.
Any o
...
Hi All Experts,
Looking for advice here. Want to block non-syn-tcp packets. Global settings are:
> show session info | match non-SYN
TCP - reject non-SYN first packet: True
Zone protection profile in place:
But still Allow in the traf
...
Does anyone download and install PANOS updates but wait to reboot until a scheduled maintenance window? I'm wondering how risky this would be and/or how long you can let a firewall sit waiting for a reboot to the installed new version.
This would sa
...
I have a couple of Cisco ASA tunnels I need to convert to Pan. Each has about 200 lines of config all told. Whether I mark things up in a word processor or enter it in PAN gui - it's going to be a slog. Pausing to ask the community: Might there be a
...
we have created the application filter for proxy based apps-140+ apps are in that proxy filter which includes IKE, IPSec, Hot-shield etc except SSL.
This proxy-based app filter is called in the security policy (with block action). In addition to that
...
Hello,
We would like to detect and block "mastodon" SNS.
https://mastodon.social/about
Anybody know to do this?
Hi,
If someone running a botnet inside local network ,is there a way to get an alert like siem, from reports ,from live stattistics ?
what are the steps to identify these kind of traffic ?
Finally how to block them when threshold reaches ?
Thanks
Is there support for DTLS in any version of GP and PanOS? I can't find any mention of it in the documentation.
Thanks.
on:
Dual ISP VPN failover with single VR
on:
Palo Alto OSPF Graceful Restart
on:
Allowing PIA VPN in home network
on:
reaching Session Count Limit
