Unable to access HTTP & HTTPS

When I switch from passive to active, I can't access the application via http and https. But I can ping and telnet the application via port 443

Split Tunnel - Exclude Client Application

Hello,

I am setting up a new Global Protect gateway.

We previously havent setup Global Protect (GP) before with Split tunnel so this is my first time and its not going smoothly..

i am trying to exclude client applications for some software we use. bei

videoparse.jar detected as Grayware

"videoparse.jar" is detected as Grayware in Wildfire but not found now.

why this was flagged malicious ? 

File hash : 844ccde43fa61803f1643401600e17dced86c60509ee340ae83b332a068f8dcc

VirusTotal - File - 844ccde43fa61803f1643401600e17dced86c60509ee340

PA- Security Policy Destination as FQDN issue

Dear Community,

I am facing an issue were the i have post security rule allowing the access to some FortiGuard URLs, on the other hand i am have a default deny rule with reset-both action right above to the interzone & intrazone policies. What actu

[Error]: Failed to create exclude route in Global protect

Hello All,

what could be the issue when user is not able to connect Global protect and we can see [Error]: "Failed to create exclude route" in  pan_gp_event_log.

Unable to set SSL/TLS Service Profile with Panorama

latency Troubleshooting

We have a load increase following the unblocking of an application's url. How can I troubleshoot for finding what's causing this?

User ID Anomalies

Hi,

I had a strange behaviour with some user on user ID. We have 2 site A and B and our firewall have the mapping from the same agent.

we found that user1 access site A and user2 access site B.

issue that we found that user1 is access site B usin

HA Pair - peer version too old

I have two hardware gateways in a HA pair running 9.1.19.  Ive upgraded one to 10.0 and then to 10.1.14.  It now complains that the HA 'peer version is too old' and it has suspended HA.  If i suspend HA on the remaining 9.1 gateway, HA doesnt activat

Build in tool to test throughput

Hello experts,

Im wondering if Palo Alto firewalls have a build in tool to test throughput on specific interface. We are trying to use iperf on an endpoint and test channel utilization from the firewall or if possible, firewall acting as iperf serv

Vulnerabilities

The vulnerabilities which it will show in vulnerability assessment are live or any particular time the data get updated?

Upgrade path from 10.1.13-H1 to 10.2.11-H3

I was trying to upgrade to 10.2.11-H3 and when I upgraded to 10.2.0 and then I couldn't upgrade.