The NGFW User-ID and Terminal Server (TS) Agent Self-Signed Certificates will expire what is the action needed(PAN-OS 11.1)
Hello,
We have a case open for this that has been turned over to internal dev but I thought I would post this here to see if anyone else was experiencing this issue. This on a 5260 running 10.2.7-h3.
We been tracking down this issue for a long tim
...
Hello folks,
I am not sure when this happened but I suspect it when we upgraded to PAN-OS 11.1.3.
On my PA-3250 when I go into Network > IPSec Tunnels in PAN-OS, and then click either IKE Info or Tunnel Info, I am no longer able to restart the connec
...
In Cisco Expressway Series with Single NIC Deployment, the Cisco Expressway Core must be configured to point to the Fully Qualified Domain Name (FQDN) of the Cisco Expressway Edge, this FQDN must be resolved to the Public IP of Cisco Expressway Ed
...
Hi All,
I need to create a S2S Tunnel to a customer. We need to reach 1 Server on their side (e.g. 192.168.100.1). The connection is needed from multiple Hosts from 2 different Subents on our Side (10.0.112.0/21 and 172.18.2.0/24). The customer does
...
I am wondering if my server dies, can I host DNS on my PA-220 or PA-440. This would be great and would not have to have physical box anymore.
I am currently in the process of planning to upload a custom webpage to my Palo Alto device. However, I would like to automate this process through an API call. I have the HTML content for the webpage stored in a variable and I would like to upload i
...
Hi
I plan to apply Vunerable Protection to the customer's firewall and at the same time decrypt outbound traffic.
However, the customer's network environment already includes encryption and decryption equipment.
And the customer wants to apply the
...
Hi All,
We have a block for Proxy Avoidance and Anonymizers on our DMZs. But we are able to see that the users can access Surfshark VPN on our SDWAN.
Also, I am unable to see any logs on the firewall.
Could anyone please help me on how we can b
...
I have security rules in place to block applications such as 'msrpc-base' and 'ms-rdp' from exiting the network. However, I still see logs showing traffic egressing to ports 135 and 3389 with the application being listed as 'incomplete' and session
...
Hi guys,
we have one core Palo Alto firewall and round about 50 Palo Alto firewalls at customer side.
All firewalls are managed by one Panorama and on all devices are running PanOS 11.1-4x. The sd-wan license is activated and the sd-wan plugin version
Good Day,
Recently I implemented layer 7 filtering and have been doing an investigation into the hardware usage impacts this has on the device.I have two configs, one with layer 7 filtering and one without. I also have a script that polls the devic
...
Hi,
We recently upgraded our Palo Alto 1410 Firewall to PAN-OS-11.1.2-h3 from PAN-OS-11.0.4-h1.
After Upgrade there was no incoming traffic from external networks. There were no hits or logs showing incoming traffic.
Internet Outbound traffic was g
...
Hi
I recently compared the H/W architecture of the PA-3200 series and the PA-3400 series and had a question.
Looking at the architecture below, it appears that N/W and Security Processing, which were previously separate, have been merged into o
...
TomYoung
on:
PAK source & activation 445 series firewalls
