I read the following example of Site to Site VPN IPsec with static routing :
https://docs.paloaltonetworks.com/network-security/ipsec-vpn/administration/site-to-site-vpn-quick-configs/site-to-site-vpn-with-static-routing
In the figure the example
...
Good morning, reviewing the GlobalProtect logs I see brute force attacks from outside my country Spain. I have tried to create security policies that prevent these attempts but none have matched. In the portal configuration (external) I have tried ...
Hello team,
i have a PA3220 with PANOS 10.1.x and I would monitor FAN and power supply status via snmp.
What are the oids for monitoring these components?
Thanks for the support
BR
Hello, everyone. Our product suite now includes receiving alerts from the NGFW, in addition to XDR. It seems, though, that a single incident may include several different alerts. This seems like a strange behavior, because the list of alerts come
...
Can we confgure the Shared IP in the WAN side in HA Active/Active?
Because I read in the PAN OS Admin guide two things:
Page 410: As illustrated in the floating IP address scenario, the firewall supports a shared IP address
for ARP load-sharing on
Suspended firewall in HA pair became active after reboot ( preempt not configured on either active or backup firewall ).
Does anyone have any thoughts i lost about 15 seconds to hosts behind the firewall.
firewall PA-460 & version 10.2.7
thanks
...
I just upgraded our PA 3220 from 9.1.10 to 10.2.7 last night and noticed that there is no current data under the ACC tabs. How do I fix this?
Hi,
I am sending Palo alto netflow to a Linux server. While I capture NetFlow from the server and open it on Wireshark I cannot see appid in plain text format. I only see the hex code. I have attached some screenshot below here.
Is there any way to d
...
Is it possible that we import file using "scp import" without accept the host key?
In ubuntu(UNIX), we can add "-o UserKnownHostsFile=/dev/null" in connection string to avoid storing host key in local machine.
I understand that PA's NGFW CLI is no
...
I have deployed a new VM series PA FW, however whenever I am trying to login, it is giving 'cfg.general.need-acknowledgement-to-login': NO_MATCH
Any suggestions?
Hello,
I'm currently managing an SFTP (SSH) server.
I'm attempting to implement file blocking using the NGFW.
I've configured a decryption profile that includes "SSH Proxy".
According to the traffic logs, the "decrypt" option appears to be activate
...
In palo alto firewall. What is done first routing or nat for :
In cisco routers, for outbound, Routing first then NAT, for inbound traffic, NAT first then Routing.
BPry
on:
Block privileged accounts from accessing the Internet
reaper
on:
Need clarification on URL Filtering logs
reaper
on:
Layer 2 network extension
PavelK
on:
NGFW Threat & Traffics Log Fields
