PAN OS 8 displaying multipe threat/anti virus versions

Hey folks.

I don't know if this is intentional or not, but it's annoying as hell, and if it's configurable, I'd like to know hwo to fix it.

Since upgrading to Pan OS 8 on one of my PA's (a 500), I've noticed that when I check for dynamic updates, I g

CLI commands for Palo Alto configuration

Hi,

Are there any CLI commands which we can use to assess all the checks listed in the CIS Palo Alto Firewall 7 Benchmark?

 For Example:

Check : Ensure 'Minimum Password Complexity' is enabled

Navigate to Device > Setup > Management > Minimum Password

Will an On-Demand configuration keep GlobalProtect from notifying me that it did not connect?

I've deployed GlobalProtect 4.0.3-31 to my lab machines.  When I log in, I get notifications that GlobalProtect is connecting, and then that it is not connected.  I'm not panicked because my portal is not available from my internal network.  Will swi

Integrating Minemeld with TheMediaTrust

There is a current miner prototype for themediatrust, and the comment from the .yml file indicate that you need a valid TMT DTI API Key to use this Miner.   How do you configure this DTI Key in the Config section from the New Local Protoype page?

Th

Palo Alto and Cisco ISE packet issues

Hi 

ive got an issue when a user connects on our VPN using the global protect client the connection will take nearly a minute to connect and in the backgroup create several failures on our Cisco ISE RADIUS server, before finally let the user connect.

Commit limits

Hi Guys,

We are running scripts to push configurations into the firewalls. Everything is done via CLI and with set statements (I know that it is odd, but that's the way it is). Does anyone know are there any limits on the configuration size because s

Content in TS-files ?

I've been trying to find infoirmation on what the content of the TS-files are.
Reharding GDPR; does it contain information about the company's users and their behaviour (ie traffic-/URL-logs) ?

GlobalProtect - Change Password field to say "Token"

Hi, does anyone know a way to update the password field on the GlobalProtect to read "Token" so that our end users know that they need to enter their RSA code instead of their domain password? 

private ip addresses in url filtering category

Hi,

What is private ip addresses in  url filtering category .

I tried to allow and access a url in local lan , did not work 

Thanks

ICMP gets dropped by DEFAULT DENY ANY ANY

Source IP: x.x.172.230

Source Zone: int-fw

Destination IP: x.x.20.50

Destination Zone: DMZ

Requirements: SRC and DST IPs should be pinged bi-directionally.

Scenario:

- I've allowed the traffic using ICMP, ICMP-0, ICMP-8, PING bi-directionally but still

IPSec VPN- Layer 2

Hello,

i'm using this ressource to configure Site-to-Site IPSec VPN in Layer 2 with a PA-200.

Of course, it's not working this is why i'm here with a lot a questions.

edit: it's working now

1/ i'm assuming the left part of the diagram is considering as