Hi,
Have anyone tried to configure different HA setup for different VSYS? Let's say VSYS1 is active/active and VSYS2 is active/passive.
Thanks,
MBS
Hi there,
for a special reason I need to setup a dedicated VPN Gateway for the built in iOS/OS X VPN client. Before I start to setup a Linux System for that I would like to find out if it's possible with PaloAlto or not. In the past there was a X-A
...
Hi,
We have a cluster PA (Madrid) in version 5.0.14, and two PA in stand-alone (Singapur, Miami) in version 7.0.6.
We just commited the panorama config but we got a error in cluster PA Madrid.
Panorama in 7.0.6 can handle firewalls in version 5.0.1
...
System log fills with messages like "Failed to resolve domain name:defrxpwgklm.capco.com after trying all attempts to name server(s): 8.8.4.4 194.25.0.68". DNS without dnsproxy is working. Can i restart the dnsproxy to fix this issue?
The messages ar
...
Hello Community,
Can someone please let me know if Palo Alto have any documentation examples of setting up access to a webserver from the Internet that resides in a DMZ?
Thank you
Carlton
Hi,
We are planning to upgrade the User-ID Agent from version 6.0.6-4 to 7.0.3-13.
Three PAN-OS are running with version 7.1.1, 7.0.5-h2 and 7.0.2 use the same agent server.
Is version 7.0.3-13 will work with PAN-OS version above?
Hi All,
Recently had a client upgrade their Global Protect Agent to 3.0.0 from 2.2.2.
When connecting to the Gateway they would encounter the following message - "Server Certificate verification failed".
From 2.1.0 you had to ensure the External
...
Is it possible to use interfaces on PA-5020 as span or mirrored ports of other active interfaces on the same device?
Hi I'm attempting to implement userID on PAN-OS 7.0.6 within a multi-domain forest.
All of our workstations exist on one domain and users logging into those workstations exist on another domain within the same forest. I have the UserID agent setup
...
Hello Community,
I have set up a lab environment shown in the below below that is meant to allow access from 192.168.1.X to the sever 10.2.2.1 using static NAT ip address 192.168.1.251
I have configured everything as demonstrated in the CBT Nugg
...
For various business reasons I need to allow SSH directly to a PA-3020 to manage the unit. Is there a way to apply a vulenerability policy to this traffic so that I can block bruteforce attacks?
Thanks
Dustin
Hi Guys,
I know application FTP covers both Passive and Active FTP. However, my question is how it filters the traffic. I mean how a server Intiating a connection to the client will be filtered and allowed. Can anyone help.
We have numerous PA firewalls that alert for vulnerabilities. I also have a product that scans for vulnerabilities in my network. The scanning device has CVE numbers in its events. The PA has PA's unique identifier in its event. Is there a way for me
...
Hi, i have a problem with minemeld.
Hi is there any good user guide to get this ting working? It seams that nothing i do is allowed or saved. The only thing i have done on the box is changing the ubuntu password and the root password, converte
...
I upgraded our Panorama and two PA3020's in a HA setup this morning. Afterwords I am getting the following errors committing from Panorama to our PA3020's.
reaper
on:
dynamic update failed
reaper
on:
eventid eq tunnel-status-up/down
reaper
on:
GlobalProtect Split DNS configuration
reaper
on:
Problems accessing knowledge base
Raido_Rattameis
OtakarKlier
on:
Unable to ping website, getting this site can't be reached
