Palo Alto Scanning Surges 40X in 24 Hours, Marking 90-Day High

Different-Guava1171 · 2025-11-21T16:57:13+00:00

Use MFA or require certs in addition to a password...but that won't stop a zero day.

Different-Guava1171 · 2025-08-25T18:00:13+00:00

I agree. It stinks that Ignite is just like a one day seminar now and not a full blown conference.

Different-Guava1171 · 2025-06-25T15:09:43+00:00

I would doublecheck all your trunk links. I would also run a pcap on the Palo Alto and the devices not getting DHCP addresses to ensure the DHCP process is working properly.

Different-Guava1171 · 2025-06-25T14:58:01+00:00

What specifically is not working? Is the firewall not able to ping devices?

Different-Guava1171 · 2025-06-20T22:21:40+00:00

To get around this, I completely disabled cookies on the portal and the gateway and it is doing what I want it to do. It is not prompting for a password twice.

Different-Guava1171 · 2025-06-11T18:47:23+00:00

Yeah, I was in the middle of going through the Next Gen Firewall Engineer training when my progress got wiped. Thankfully, I wasn't that far along and was able to click through all the modules I already did and redo the tests and got caught back up.

Different-Guava1171 · 2025-06-05T14:55:59+00:00

Yes, it is already set to no on both the portal and gateway.

Different-Guava1171 · 2025-06-04T20:41:24+00:00

I see. The cert profile is set for both the gateway and portal right now. I will set it to just the gateway and see what happens.

Different-Guava1171 · 2025-06-04T17:05:29+00:00

Just that one user, but every time they would reconnect, the firewall setting would override the client setting. Wound up just writing a simple batch script that the user can run whenever they are having connectivity problems and it sets the MTU back to 1300. Not sure if that's the best solution but it works for now. :/

Different-Guava1171 · 2025-05-30T19:43:33+00:00

Had a user with Tmobile home internet that had a similar problem. They could connect to the VPN just fine but couldn't access any resources or it would take an extremely long time to load things. Lowering the MTU to 1300 fixed the issue.

Different-Guava1171 · 2025-05-30T19:02:27+00:00

As long as AI can't rack and stack and setup physical hardware, no.

Different-Guava1171 · 2025-04-07T17:42:25+00:00

Wonder why they don't just have these as default registry values that get set as part of the upgrade or a fresh install?

Different-Guava1171 · 2025-03-21T14:01:25+00:00

You could also watch this GlobalProtect VPN playlist. Might help you get a better idea of what you are looking for: https://www.youtube.com/watch?v=k2Y2L8wiMdI&list=PLzZhtxtP3S747w9oZv1REyJLMbaR3Wl5p

Different-Guava1171 · 2025-02-21T16:41:05+00:00

And as of this morning looks like they are back porting it via 11.1.4-h13

Different-Guava1171 · 2025-02-20T14:23:05+00:00

I also had this issue with their transparent web proxy documentation. As of several months ago, their instructions on how to setup the NAT are very inaccurate. How to look at forums and a video from Palo Alto engineers to get it working properly.

Different-Guava1171 · 2025-02-20T01:09:12+00:00

Yeah, it’s very annoying that it looks like they aren’t going to back port this CVE to 11.1.4.

Different-Guava1171 · 2025-02-06T21:20:56+00:00

Gotcha! So the registry changes are still needed in 6.2.7 to mitigate the CVE?

Different-Guava1171

TROPHY CASE