Hey everyone, We just enabled a feature on the LIVEcommunity that allows for products to be linked inside of discussions or articles.. this helps cross link information throughout the site, especially useful if you are looking for specific informatio...
To all, Just wanted to post a message about the Hot Topic right now, which is Covid-19. With all of this going around, everybody's health and safely is the utmost concern. Keeping your hands clean, washing your hands (A LOT), using hand sanitizers, a...
Got an odd issue I was hoping someone may have seen.PA 500 setting up a 4 port LACP bond to juniper switches. Running PanOS 6.1.2Setup the LACP bond on both ends, LACP would not negotiate. Spent many hours wtf’ing, couldn’t find anything odd anywhere...
Hello,I am currently working on a new PA-3020 deployment. The device has been delivered with old PanOS 5.0.6 release. Also I would like to upgrade it to last PanOS 6.0.x release before going ahead with configuration.The device has currently no access...
Hello.I am trying to setup an application policy rule to allow secure LDAP from our hosting company back to our internal domain controller running MS AD. I have the appropriate NAT statement setup.If you look in the log screenshot above, you'll see t...
I'm getting the following error showing up in event viewer on our Windows domain controller. We have 4 DC total that have the the user-id agent installed.As you can see, I am getting a lot of these error. The IP in question is one from our BYOD subne...
Just wanted to let you knowhttps://www.sans.org/reading-room/whitepapers/auditing/palo-alto-firewall-security-configuration-benchmark-35777
Hi all,We have two PA-4060 in active/passive mode with PAN-OS 4.1.12 (I know, old..).Yesterday, after rebooting passive device auto commit failed with:Error: Certificate 'XYZ' failed to load: failed to parse keyand device went to not-ready state.Afte...
We have configured One VR-1 onlyEthernet 1/1 is a WAN interfaceEthernet 1/2 is a WAN interfaceEthernet 1/3 is a WAN interfaceEthernet 1/4 is a LAN interfaceWe’ve created ETH1-ZONE for Ethernet 1/1ETH2-ZONE for Ethernet 1/2ETH3-ZONE for Ethernet 1/3ET...
A customer is seeing infected word files with macro in their network. The firewall is not able to block this file because the macro keeps changing file hash, even with WildFire enabled.Would Traps be able to detect and kill this file on the host with...
Traceback (most recent call last):vigate, ENTER=Select, ESC=Back File "/usr/local/bin/mrt", line 192, in ? main(sys.argv[1:]) File "/usr/local/bin/mrt", line 187, in main m.main() File "/usr/lib/python2.4/site-packages/mrt/ui.py", line 4330, in main ...
Hello,Can PA be possible for content inspection after ssh decryption?I looked the below document.Details on Port Forwarding Inside SSHThis document mentioned the following comment."Content and threat inspection is not done on the SSH tunnel session"I...
I have read about tunnel monitoring and DPD however is there any way to receive notifications when a tunnel goes down?
Hello,I am sure that a check-box of Certificate for the Secure Web GUI option show on PANOS-5.1.x But it does not show on PANOS-6.1.0.Where is a check-box of Certificate for the Secure Web GUI option on PANOS-6.1.0 ?Please someone help me.Thanks,KC L...
Hi All,Was messing with some url filtering at home and discovered if I tried to block *.youtube.com videos the page was still loading on CHROME, even though palo alto logs showing blocking.I am running PAN-OS 6.0.5On firefox and safari it was blocked...
If we are retrieving a list of IP's via Dynamic Block List to Allow and/or Deny traffic, what would happen if the web server hosting the .txt file is inaccessible during a refresh? Would the DBL object lose all of the IP addresses and render the rule...
Hello,We have policies (geolocation) which only allow connection from Spain and Andorra.In many cases the IP addresses identified by geolocation, is not properly updated and sometimes Palo Alto identifies an IP like another country rather than as Spa...
on:
File types need to block
on:
Security Advice on SSH & SSL/TLS week ciphers
on:
Upgrade PA-3200 from 9.1.7 to 10.1.3
on:
Not able to view Anti-Virus updates under dynamic updates
on:
PA-220 Generations / Versions
| Subject | Likes |
|---|---|
| 3 Likes | |
| 3 Likes | |
| 3 Likes | |
| 3 Likes | |
| 3 Likes |
