Hi
What is the best practice policy outbound from the FW itself (i.e management )?
Allow any out? *.palotalto.com?
Hello
I configured my firewall with SSL decryption. Regarding the certificate, what is the best practice ? Is-it to generate the certificate used for Outbound traffic from our internal PKI (with the problem to deploy the certificate on Linux system
...
Hello,
I have the architecture outlined below, and communication needs to be established between the machines on the network 10.1.2.0/24 via FW1 (Palo Alto) and FW2 (fortigate). Could you please offer a solution to accomplish this?
Thank you.
...
Hi! Is there a way to see Release Notes from "old" (a year old) Content Updates (Apps & Threats)? I can't see them on the PANOS Dynamic Updates tab and I wanted to know if there is some database with all the content release notes. Thanks!
Panorama
Hello All,
I would like to know what is the meaning of the typical events we observe in the IPsec details in the monitor logs.
ikev2-nego-ike-succ
ikev2-nego-child-succ
ipsec-key-install
ikev2-nego-child-start
ikev2-nego-ike-dpd-dn
ipsec-key-delete
...
I'm going a little bit crazy. I have a super simple setup, I have a Windows PC @ 10.0.0.10
My PA 440 has 10.0.0.11 as its MGT Interface and all communications between the Windows PC and the management interface work fine. I have an inside interface
...
I am evaluating the purchase of PA-460 and PA-1410. I know that their hard drive capacities are 128G and 120G, but I want to know what their panlogs partition capacity is?
Hello, everyone.
Firewall has OS of 10.2.4-H2.
When TACACS account to connect to Firewall SSH, the login succeeds, but there is an issue that closes the session immediately.
In Firewall System-log, authentication and authorization were successf
...
Certificate pinning was developped to help prevent man in the middle attack.
But what is the Certificate Pinning?
Traditionally, SSL Handshake consists on the validation of the server’s certificate, let’s say collab.com. The validation is done us
...
Microsoft Defender has a lot of endpoints it seems. I started a custom URL list with all the URLs needed for defender, created a policy in a global device template and said "Allow any source, any destination, using SSL, Web-Browsing, and windows defe
...
Hi,
I have created following topology in PA (10.1.0) virtual lab to test "Layer 2 Interfaces with No VLANs".
Topology :- PC-1 --> L2 INT(None) - PA-VM - L2 INT(None) --> PC-2
I'm unable to establish connectivity between PC-1 and PC-2. Both Ingr
...
First time posting so please bare with me.
Currently running into an issue that looks like a potential bug or an issues specifically with the PA-445 model (Support Case has been submitted and is in the works; but we'll see what happens) Two differe
...
Hi,
I have an issue with PAN URL Filtering, where I still able to access website that has been blocked.
For example:
If I open http (http://nanime.live) the website is blocked
But if I open using https, website can be accessed
When I check on mon
...
I am using pan os 11.1.2h3 and after upgrade this os, I seeing that some ad user disconnected and they unable to use internet. after pc sign out and sign in again then getting internet and source user getting connected
TomYoung
on:
Not able to check now new content for dynamic updates
OtakarKlier
on:
Multiple ARP requests bringing network segment down
OtakarKlier
on:
Dynamic Decryption sources
Raido_Rattameis
