RealNetworks RealPlayer MPG Width Integer Underflow Vulnerability - 91059

Hi Community,

A MPEG file trying to sync on One Drive but is being blocked by Palo Alto. 

Here is the signature RealNetworks RealPlayer MPG Width Integer Underflow Vulnerability - 91059 being the reason.  File is legit, what could be the reason o

Firewall Policies App Dependencies Order

For app dependencies is it better to include the dependency in the policy with the dependent app each time or to make an allow rule for all dependencies first? 

Say I have two app policies for different apps that each use SSH. Should I include SSH

Firewall query

I have a Meraki that has a SVI for vlan 5, 172.18.5.2 and it's trunk to a firewall that also has an SVI for vlan 5 172.18.5.1. There is a default route from Meraki pointing to 172.18.100.1 which is on the firewall. Meraki has an SVI 172.18.2.1. Serve

Can Policy-Based Forwarding be detected with the following OIDs?

I have set up Policy-Based Forwarding on PA-220.

We would like to be able to detect alerts on the monitoring server side via SNMP trap when a ping drops and the path switches in Path Monitoring.Can the following OIDs be used for detection?

panPBFNhUp

Failed to Validate Client Certificate" Error with User ID Agent

Hi Community,

We’re encountering an issue with our Windows-based User ID Agent installed on the server. Specifically, we're receiving the error message: "Failed to validate client certificate: No connection found."

Here’s what we’ve tried so far to r

Licensing issues

Transfer license

Is anyone having issues transferring license from one device to another even if it is the same model? We had one device (an 820) that started experiencing issues and the license had just been renewed. We then moved another 820 to that location with a

PA outbound security policy - Terraform to AWS console

We have an on-prem dev environment with outbound access through a PA-3220 running 11.0.4-h6.  We are trying to craft a rule to allow an on-prem src to connect to AWS console to run terraform scripts.

We've tried using application type amazon-aws-conso

URL games allowed through while blocked

HI Gang,

Fairly new palo user here 

I'm having a headache where I have configured URL filtering to block students from accessing games. I have decryption in place however they are freely accessing those games (the site is both categorized as low

sudden reboot 11.1.6-h3

on 11.1.6-h3 we have multiple firewall that reboot suddenly. 

In the "fault.log" I can see the following error: 

"core: [Hardware Error]: CPU 0: Machine Check: 0 Bank 0: " 

The error is logged few seconds usually before the reboot. Anyone knows if th

NGFW Blocking Router Login Traffic After Policy Update – Requesting Guidance

Hi Community,

I’m reaching out for help with an issue I’m facing on my Palo Alto Next-Generation Firewall involving router login and network access control.

Issue:
After updating security policies to improve our network posture, I'm noticing that  route

Service Account used for UserID Agent

Hi Support Team, We need to ensure the service accounts used for the UserID agents installed on the domain controllers have the right active directory permissions and limit the permissions to what is required for them to function. I have the followin

Issue with Path Monitoring on Secondary ISP in Palo Alto Setup with Three ISPs

We’re using three ISPs (Primary, Secondary, and Tertiary) in our Palo Alto firewall setup:

• Primary: Ethernet 1/1 – Metric 10 (Path monitoring enabled with conditions set)
• Secondary: Ethernet 1/2 – Metric 20 (Path monitoring enabled with conditions set

AZURE Entra MFA for admin access via CLI

We are easily able to setup MFA for the Web UI for the management port vial SAML and Entra SAML auth. We have run into some challenges I was surprised exist. First here are the requirements and goals

• PA VM series firewalls in  AZURE.
• No On prem AD, IS