Hi team,
Is it possible to change the way Palo Alto links a group on AD? From CN to SID??
Cheers,
I'm experiencing an issue with internal users unable to access some banking websites/URLs. Users can access these sites over the VPN (Global Protect) but can’t access these sites from the office/Internal.
I then created a URL Filtering category (ad
...
Hi,
I would like to know if IKEv2 phase ia compromise because of weak encryption in proposal, malicious user can access to all data sent across the VPN connection, which may include passwords and sensitive file ?
Or
Malicious user only know phase 1
...
Hello!
I want to send webhooks from paloalto 5220 (panos 10.2) to google chat (about the commit). I found the following document https://live.paloaltonetworks.com/t5/log-forwarding-articles/pan-os-8-0-http-log-integration-with-slack/ta-p/172093.
But I
Hi guys
I am a bit lost in our own network...... We have a PA-820 Cluster in active-passive mode. It is running for maybe 7 months now. Each firewall has 2 uplinks to our 2 core switches and 1 downlink to the access switch (with subcontractor on it).
...
DHCP allocation is showing blank on Palo alto on version 10.1.8. please suggest
Hello,
We have a problem when trying to delete vsys1 from the FW. Customer enabled multi-vsys and they had two vsys configured. Right now, due to topology changes, vsys1 is no longer required so customer would like to delete that vsys.
The thing
...
Hello all,
Customer has a problem were their PaloAlto suddenly declares all neighbors adjacencies down, after that the PaloAlto will do a grateful restart and the OSPF neighbors will change to init, and then go full again, this OSPF flapping lasts
...
Hi,
I've just been reading about the new proxy capabilities with PAN-OS 11.0.
I could find any mention about ICAP support. Is ICAP supported?
Thanks,
Ben
Hello All,
I have Palo Alto 10.2.3, and also 10.0.3 as a test. I used RADIUS to authenticate to the admin UI, then the RADIUS server sends a challenge, this is being handled normally by 10.0.3 but 10.2.3 seems to timeout although on Monitor it shows
...
Hi All,
I have a requirement.
Palo DHCP reservations direct mac to ip- say 50 (changed occasionally enough to be annoying)
I want a Dynamic group that skims the content of the reservations and permits in only those in an ACLs. Its painful to keep do
...Does anyone know about the alert. MLAV: Authentication or client certificate failure?
Hello,
I have been working with Cisco firewalls for the last 20 years, but I'm very new with Palo Alto and PANOS.
At the moment I have a PA-460 in my lab for learning purpose.
It's a basic setup with just a simple NAT/PAT rule for outgoing traffic
...
Is there a way to identify what traffic is hitting a specific App-ID Override policy?
We have several poorly configured App-ID override policies I'm trying to clean up and consolidate but they override to the same custom application, and it is not
...
Hello team,
I have a valid advanced URL filtering License - but when i navigate to URL filtering it says error "License required for URL filtering to function"
Do i need to get PAN-DB url filtering license too ??
or is there some setting which
...
PavelK
on:
Is it possible to upgrade PAN OS- 11.0.2-h2 to 11.1.2-h3
