Byte swapping needed on packet captures taken from tunnel interfaces

I noticed something odd with packet captures taken involving traffic originating from a tunnel interface (used for GP VPN clients) where the Ethernet Type header was byte swapped. Meaning instead of 0x0800 it was 0x0008.

The screen snips illustrate t

Upgrade CVE-2024-0012 and CVE-2024-3393

we need to upgrade paloalto from version 10.2.9.h1 to version version 10.2.9.h19 as a CVE Remediated

is this version will mitigate this two CVEs

logging for external dynamic lists?

Is there any logging for EDLs? I am looking for things like:

• a change in the EDL was detected
• errors in the EDL (invalid IPs or URLs)
• EDL is too large / too many entries

It would be great if I could alert on any of these.

Welcome to the Next-Generation Firewall Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

GlobalProtect Machine based Certificate Access

Hi

Long time listener, first time caller.  Since we have so many brute force attacks with GlobalProtect lately, I wanted to do machine based GlobalProtect Certificate access.  Meaning we use a third party Certificate server within our environment t

Discard a candidate configuration

How to discard a candidate configuration, I changed the order of rules by mistake and I see a commit.

How do I discard it?

Allow download no upload

Can some one help me on below requirement.

Need to allow users to download only of files from online-storage and backup Category and we should restrict upload.

thanks

Facing issues in login to the portal

client gp_broker phase 1 failure commit failed

Hello,

If someone experiences an auto-commit failure after an upgrade with the error message "client gp_broker phase 1 failure commit failed," here i provide a workaround solution :

show jobs all
Enqueued Dequeued ID PositionInQ Type Status Result Compl

Finding FQDNs for blocked IP's or SSL-Inspection

Once a week, someone reports having issues accessing a site.  Today that issue involves a credit card processing page that is aging-out because there is no SSL inspection exception.  FW Logs of course show an IP address (no URL/FQDN), and the rule to

Dual ISP setup on 1 virtual router kb issue

Hello.

so I need to setup a dual ISP setup and found below kb.
https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000PLL8CAO

I know there is also one using different virtual routers but for this specific setup it seems this one is

PA-445 on PAN-OS 11.1.2-h3

First time posting so please bare with me.

Currently running into an issue that looks like a potential bug or an issues specifically with the PA-445 model (Support Case has been submitted and is in the works; but we'll see what happens) Two differe