GlobalProtect Client reports Gateway XYZ: Server Certificate Verification Failed was a routing issue

Symptoms:

In my case I was using auto discovery and my client would connect to my domestic VPN gateway from a guest network. It would not however connect to Asia or European gateways manually. The message "Gateway Asia: Server certifiate verification

Suspicious login attempt found on PA.

Hi All,

I have a situation where someone tried to access Palo Alto and failed to login as the authentication was not granted. Any idea where i can go and see what was the source IP and location etc. A bit of forensics.

Any suggestions most welcome.

Im

Can I make PA3020 stop advertising default route in OSPF if its internet connection is down?

Hi all,

This my first post on here.

I was trying to see if these devices have monitor/tracking features e.g. keep testing the internet connection to see if it is still up.

I want the PA to form a neighbor relationship with a cisco router and advertis

installing SFP modules on PA-5050

Hi I need to know the correct procedure for installing a 10 G SFP into a PA-5050. 

Can I install while they are on and running? Do I need a reboot?

Do I have to power off and install and power on?

I’ve tried to if an answer in the documentation

How to block Google Drive when Using Chrome-cached Session in Palo Alto Firewall

Hi Guys, Any idea how to block Google drive Using Chrome-cached Session they can access the drive. We tried creating a policy by application blocking google-docs-base google-docs-editing google-docs-enterprise google-docs-uploading google-docs google...

Device Config Import into Panorama removes all the objects

We have firewalls in HA and are multi-vsys. I am trying to to get them into Panorama, but as i import the config it removes almost all objects and Panorama device groups only shows shared objects. Any object that was local to to vsys does not show an

Panorama Merge or migration

Hello,

I do have 2 Panorama running with 7.1.9. 1 running with M100 physical and another one is VM. Both are having different device group , templete and devices.

I am looking for way to migrate all devices from M100 to VM. Is there any easiest/ safe

Multiple LDAP servers in a single profile - behavior

Dear comm,

when I have several LDAP servers in a profile for user authentication. How is this list utilized? Is only the first entry used? Are authentication requests distributed over all configured servers? How does it work?

Kind regards,

Rene

syslog miner - please check rule syntax

Hi,

I just cloned a syslog miner, following the guide here:

https://live.paloaltonetworks.com/t5/MineMeld-Articles/Using-the-syslog-Miner/ta-p/77262

I can see the syslog processed counter moving, so looks like syslog forwarding is working.  I'm