How to block a Specific `https` Site(internal DMZ) with URL Filtering

Im new Paloalto FW and welcome any advice.

I`ve applied  url block a Specific web site(internal DMZ serverfarm) From Untrust access /w Paloalto pa3020/os 6. Exist system was `https ssl` decrypted. So, when I get into the site with `http`Its blocked w

java exe Download being blocked

Hi

Turned on protection on one of my links and now it seems like  jdk-8u131-windows-x64.exe  is being blocked 

I can see this on monitor / data filtering 

category = computer and internet  info 

name Mictosoft PE

ID 52060 

I'm lost how I put in an exce

WIldFire status: Disabled due to configuration

Hi PA community,

We have two 5060 appliances in active-passive HA mode.

We also have WF-500 as private cloud and "Cloudwildfire.paloaltonetworks.com" as public cloud.

We have a problem in one of the appliances (Whether she is active or passive):

Best way to add application

Hi

I want to give my users access to bitbucket via ssh.

This is provided on port 7999.

So 2 ways I think i can do this.

create a service TCP-7999 Bitbucket

add policy with application ssh and service TCP-7999

or

I can create a custom applicaiton on po

Ideas for new and/or updated KB articles

With the ever-growing plethora of features in Palo Alto Networks firewalls and Panorama, keeping up with the knowledge is vital. In the world of Network Security, there is very little room for the 'unaware' and 'unprepared'. At LIVE community, we are

URL filtering - no response page appears with https site

Hi,

On my PA-200, I use URL filtering to block the access to some http and https site. For https sessions, the response page is serving without SSL decryption. I use this command:

set deviceconfig settings ssl-decrypt url-proxy yes

I use also a inter

Wildfire scheduled updates through Panorama

Is there any way to schedule Wildfire updates to kick off only a couple of times a day? I know we can do every minute, 15, 30, etc. Due to the connections and the environment I have 1500 firewalls I need to schedule the push to only be twice a day. I

Limting Globalprotect client access via IP address

Is there a way to allow specific GlobalProtect users to only connect from specific public IP addresses?  For example say I only wanted to allow user1 to connect from IP address 1.1.1.1, and if user1 connects from any other public IP address, or if us

How to get a historical graph of Qos Statistics

I have PAN 8.0.2 and  I would like to get a historical graph  of  the  diferents class in the interfaces  where I have applied QoS .

I do not if  I can  do that  with  PA3020 o I need  a syslog server to do it. 

what do you suggest me ?