Next-Generation Firewall Discussions

Resolved! I need routing between two internal networks

Hi !

I have a problem with setting up a static route between two internal networks. There is a networks
192.168.10.0/24 192.168.20.0/24 192.168.30.0/24 I want to ping between PC1 192.168.10.30/24 PC2 192.168.20.31/24 I can't figure out what I'm doi...

Threat ID 54532

Anyone have any experience dealing with Threat ID 54532? VBScript Obfuscation.

See the offenses/detections but find nothing on the hosts source or destination that reflects a vbs script. Its all internal traffic. Could it be some other traffic tha

...

Protecting Admin UI with Duo MFA

I'm attempting to setup Duo MFA with the admin UI of a PA-3220 running PAN-OS 10.2, but have been unsuccessful. I've found that the guide, https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/authentication/configure-multi-factor-authentication

...

Detection logic in content update

Greetings All,

can you explain what is the meaning of the below when we receive new contents updates :

"improved detection logic to cover a new exploit"

"improved detection logic for decoder updates"

"improved detection logic to address a possibl

...

Resolved! Absolute domain ending in .txt

HI all,

i received from an external provider a .txt list to block in my palo alto.

The list is not exactly a file ,is an absolute domain,i mean is like www.test.com/blacklist/domain.list.txt.

This will be a dynamic list,so is there some way to save t

...

Resolved! Hardware failure

Hi Team,

Can some one guide me, My Production environment Primary firewall got Hardware failure and we got RMA.

What is the procedure to add new device in HA environment ..

Thanks,

Balakrishna

Active CVE's on 10.1.6 -h6

Can anybody help me with the details of Active CVE's on 10.1.6-h6 version.

schedule for rule policy not on time

Hello

I set up a schedule for exist rule policy to be enable from 9:00 to 20:00. But I see there is traffic logs at 23.49, it does not terminate session at 20:00.

How to configure it to be enable only until 20:00 ?

Thank you

Resolved! Panorama certificates - deleted CSR

Hi all,

I was processing with renewing cert for vpn on panorama.

Generated CSR on panorama, get new cert from digicert.

During importin new cert to panorama, by mistake I deleted generated csr.

Is there any way to undelete, restore this deleted cs

...

Post fixing the firewall from maintenance mode , facing issue in log forwarding

All,

Recently our production PA-440 model firewall went into maintenance mode, and post rebooting it came back and all started working fine without any issue.

After few minutes of firewall came up, it stopped generating and forwarding (traffic, Threat

...

Resolved! Log appearing when disabling HA Pair

Dear All,

I have a question.

I assumed that logs would be output on the active firewall by removing the passive firewall side of the HA configuration devices that are in operation,

> at that time what kind of log is the output? (like, link downed?)

...