Firewall EDL URL Access Error Cortex XDR

Dear Everyone,

I would like to seek for advise regarding to Firewall EDL access Source of Cortex XDR. I have following the guide https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-3.x-Documentation/Manage-external-dynamic-lists. Howev

Palo NAT Question

About the setup:

1. Both DC's are connected to partner via IPSec tunnel

2. Always prefer DC-1 & use DC-2 as backup

3. Panorama mgmt IPs gateways is on core switch

4. Palos point traffic to mgmt subnet towards core switch

5. Vendor access panorama using 3.

Microsoft WNS App ID

I work with a network scenario where we have two firewall towards the internet and the desktop PCs are behind PaloAlto as perimeter and Cisco as internal firewall, so we can compare the same traffic whether it is identified properly or not.

It seem

Azure VM-300 Firewall subinterfaces and multiple VNETs

I am running a VM-300 series firewall in Azure. I currently have 4 interfaces on the device (management, HA, untrust and trust). In Azure I have 8 VNETs. I would like to send all VNET to VNET traffic to the firewall for inspection and policy applicat

How to block traffic from a specific ASN using DAG

I could use some assistance since AI sucks and gives you the wrong info.

Here's what I would like to do, we already geoblock but I need to block malicious traffic (multible IP ranges) that's associated with a specific ASN.  I've tried creating a dy

IPv6 and TLS 1.3?

I've been having some IPv6 issues (we're a dual-stack setup currently), and it seems like every time I fix one, I find another.

The latest is an issue with some, but not all, IPv6 websites. Sometimes they'll load... sometimes they'll start to load

Palo Alto wildcards for whitelist

I’m on panorama 10.2.12h-2 and have a silly question but after reading through the Palo Alto articles am a bit confused as I guess I don’t understand the difference between a URLs path vs subdomains

I'm trying to whitelist https://app.e.dnv.com/e/bfs

NAT Translations Related to VPN Tunnels

Thanks for any help in advance.  

We have many partners that we create VPN tunnels with.  To save time and to avoid IP overlap, I would like to dedicate a private subnet like 10.10.0.0/16 and route that subnet toward our Palo firewall that terminat

PAN OS integrated Use ID agent Server monitoring Status Showing "Access Denied"

Hi Team

Pan OS Integrated User ID is connected with one of our DC server with out having any issues while configuring in the other DC servers we are getting the "ACCESS Denied" in the server monitoring.

While seeing in the 

>less mp-log useridd.l

User-ID Integration with AD Failing (Access Denied / Kerberos Errors – Event ID 10036)

Hi Team,

I'm working on integrating my Active Directory (Windows Server 2016) with a Palo Alto PA-450 firewall to enable User-ID functionality. While setting up the server monitoring configuration, I'm running into issues when using both WMI and WinR

URL filtering - allows blocked traffic

URL filtering logs show web traffic that matches a custom URL category that we use to block / deny traffic to certain malicious domains, but the traffic doesn't match  the deny rule, it matches a generic rule we have for https/http traffic.

Why would