Hi PA community.
I would like to start using third party External Dynamic Lists in addition to the built in Palo Alto ones.
Any suggestion of which IP, URL and Domain lists can I use?
Thanks in advance.
We're looking to add a dynamic block list rather than manually blocking bad IP's as we find them. I understand that Palo Alto comes with one or more of these feeds, do we know how often they are updated?
Asking for a friend.
Hi All,
After we connected GlobalProtect VPN, the GlobalProtect Client App is not asking for username and password again for the next login. We need to manually sign out from GlobalProtect Client to completely logout the user. Is it normal for Global
...
hello..
we are using UIA and ClearPass (login/loginout type) to get user-ip-mapping.
the issue is Palo Alto firewall is receiving duplicate user-ip-mapping.
user-A (using) : 192.168.1.100 receiving from User ID Agent correctly.
user-B(not using): 192.
...
Cordial greetings
Engineers
A PA-410 device with version 10.1.3 has arrived and we identified that in the monitor tab you do not see all the possibilities to see the FW logs (I attach image).
Similarly, the device was updated to version 10.2.3-h4 but
...
We currently have difficulties to remove the Device Telemetry options in any way. it seems as this Options doesn't work as expected. This issue persisted across several Versions of PanOS / Panorama
Panorama 10.2.2-h2
- When trying to remove the de
...
Hi team,
Thé number 1 operator in the region I cover is looking to change all his FORTINET firewall (1800F) with PALO NGFW. To justify the move they need some use cases from palo customer that are in the same sector. Where can I find operator custome
...
Hi, I'm new to using PaloAlto devices, we have PA-440's and don't use panorama.
We are moving internet providers so in deciding what type of connection to purchase I need to see some graphing of our internet bandwidth usage of all traffic in and out
...
When trying to import the signed cert in FIPS mode, error "import failed. Certificate chain cannot be validated, required CAs not found". This was a known issue that was supposedly fixed in PAN-OS 9.0.9 and PAN-OS 9.1.4, current version: 10.2.3-h2.
...
Hi all,
We have a requirement of GP user should access certain URLs.
But once i assign the URL category in security policy, GP user is not getting internet access..
SCENARIO 1 :
Security Policy:
Source > GP & Source user Group
Destination > WAN
A
...
Good mornin,
yesterday I enabled Advnced Routing on a VM with panos 11.0 on Azure. Immediately after the reboot both the two ipsec tunnels that I had configured with another Palo Alto and a Cisco router are no longer restarted. Have you had similar
...
The initial login works fine but when we try to open any RDP session, it gives an error as “Unable to Connect".
But when on the personal network it works fine.
Do not see any drops on the firewall, the initial connection is on TCP 443 after which a c
...
PA5220 is using 9.1.
Tried to downgrade from 9.1 to 8.1
As a first step downgraded to 9.0
Later, did the same process to downgrade to 8.1 from 9.0
Device came up but credentials are not working
I am configuring user-id agent in firewall. So created some Kerberos profile and called in user-ID agent set-up of user mapping and push the changes to firewall.
All the configurations were pushed ( server monitoring, Kerberos profile) except user-ID
Hi..
I have IPSec tunnel between Palo alto 820 and Cyberoam firewall. But It's not getting up. Neither Phase 1 nor Phase 2. Even I am not reachable to other end public ip. Suggest me.
OtakarKlier
on:
Rule Order Best Practice
