HI team,
We are try to reach from one zone to another zone in Palo alto firewall. We are able to reach but in the logs something weird we are seeing. the source zone and destination zone is same in the logs for different zone traffic. Is there any clu
...
A simple rule is created in my firewall, where the traffic is allowed from our servers to the fqdn which is reaiding in internet. Application is as any and in service 443 is allowed.
Sometimes firewall is allowing the traffic , sometimes it is denyin
...
Hi All,
We are working to deploy 4xPA-VM 300 firewalls in our 2 DCs. We would like to have a pair of Active/Passive firewalls in each DC. We would then want these 4 firewalls to be in a cluster as well.
Our objective is to have complete redundan
...
what`s mean below article?
https://docs.paloaltonetworks.com/pan-os/10-0/pan-os-admin/policy/identify-users-connected-through-a-proxy-server/use-xff-values-for-ip-based-security-policy-and-logging
For non-URL Filtering logs, XFF IP logging is sup
...
Hi,
How can I find out if the site is using pinned certificate so that I can exclude the site from SSL decryption?
Hi There,
Problem Statement : We have custom URL lists(To allow Azure Endpoints only), also we have EDL(With Minemeld) integrated.
As per our Infosec Policy we should not use Minemeld feed for Microsoft as it has some of many wildcard. So desperatel
...
Hi Team,
Slow throughput issue over IPSec VPN tunnel configured between Fortigate 100F and Palo Alto.
What are the recommendation for the MTU size for the IPsec tunnel in palo alto as default MTU on the interface is 9192.
Regards,
Umesh Kumar
Hi.
So on the 10.1.6 known issues list, it still lists 220's as taking more than an hour to upgrade and has slow management interfaces. However, I don't see that it's mentioned on the known issues nor the addressed issues for 10.2.x.
Is it still an
...
Hello,
Just wondering if someone can shed some light on link persistence when redirecting through Palo Alto cloud identity engine.
In our previous config which was Local user authentication based, an automatically generated link which would open a re
...
Hi,
In firewall version 8.1, Can we input address range directly to security policy source and destination?
Thank you.
We have been receiving critical alerts saying telemetry uploads on all of our NGFWs from all locations are failing since just past midnight EDT last night. The most relevant parts of the alert are:
type: SYSTEM
subtype: device-telemetry
eventid:
Dears,
I'm Trying To implement Palo alto based on VMWARE ESXI Machine and i need to Take in place the Redundancy in Network Design.
The Image has been ttached which I am Trying to reach it with optimum solution Network Toplogy
What I can do In Palo A
...
Dears, I'm Trying To implement Palo alto based on VMWARE ESXI Machine and i need to Take in place the Redundancy in Network Design.
The Image has been ttached which I am Trying to reach it with optimum solution Network Toplogy
What I can do In Palo A
...
We have a school tied to our organization that's using a PA-850 and is running 10.1.6, and we're trying to get Battle.net working. After considerable troubleshooting, I put in a rule at the very top to permit the "zESports" zone to get to any IP on a
...
on:
Problem with PBF with two ISP and two VR
