Log forward without internal logging?

Should it be possible to LOG forward without having internal logging?

Some stuff I need to be able to deal with on the firewall, but others I just want recorded long term.

Seems to be no option to do it.

what NAT and Network config

Hi,

I have a router from my carrier. This gives me an internal IP 10.0.9.3 /16 from my internal Network 10.0.0.0/16 network and the GW IP he gave me is 10.0.30.99.

Now he makes natting so i could get internet access and there i have a static official i

xml stream error

Hi, I'm using Soltra Edge to poll the taxii service from MineMeld.  All works well in that the service can be discovered and I can start polling.  Towards the end of the polling (or possibily at the end), the following error is generated in Soltra Ed

Skype for Business not work if use SSL Decrypt

Hi,

Is it possible to exclude Skype for Business application from SSL Decrypt?

Custom No decrypt URL category is not an option because new clients with on-premises Skype instances coming constantly.

br

Toni

How do you disable Layer 7 inspection?

If I wanted no layer 7 inspection for a particular IP at a certain port - how can I do that without Application override? Thank you.

Any special instructions to move A/A firewalls from 7.1.x to 8.0.6 via Panorama?

Greetings all,

Title pretty much says it all but we're wanting to move to 8.0.6 since it is a Palo Alto support recommended version.  We're currently running 7.1.4 I believe with both of our active/active firewalls.  Panorama is already on the 8.0.x

Panorama scheduled config-export failure with 20 character SCP password.

I noticed my Scheduled config-export backups were not working.  At some point they were working file.  Upon Further troubleshooting I found that the Panorama scheduled config export was failing because the password was 20 characters long.  Upon chang

How to Block weak ciphers?

Can PA be used block weak ciphers at zone or server level?

Mixing App-ID and Service

Am I correct in assuming that if you use App-ID you can't also use TCP sercice ports to allow aditiona other services on the same rule.

Thanks

Rob

Drive-by Downloads & Block-Continue Page Exceptions

Hi all,

In my environment, some developers use NuGet in Visual Studio, and in certain cases, commands will call out and download PowerShell scripts.

Obviously I want generally to block PowerShell script downloads, but in special cases I need to allow

Global Protect still lacks detail reporting feature

Greetings,

So, I have a ticket open with support requesting on detailed reporting as seen on Network --> Global Protect --> Gateways --> Remote user link --> remote user tab, but on a cumulative basis instead of just data from the last login session.

Custom Region

Has anyone created a custon region and later found out that there was alrady a built in region for that country? How did you deal with it?