General Topics

Resolved! Configure MAC based Security rule for SSL VPN User

Hi Team,

Is it possible to create a security rule based on Source MAC Address instead of Source IP Address?

My requirement is, I want to create a rule for our SSL VPN users which is having our Company owned devices only connecting to our network.

Do yo

...

Resolved! Query on Advanced feature use for GlobalProtect

Is there a session limit on number of active connections while using GlobalProtect advanced features?

Currently the PA box 3220 supports 1024 concurrent SSL connections and has a GP Gateway Advanced license installed.

Can we configure pbf in shared gateway ?

We have configured two ISP link in Shared gateway (sg)

ISP 1 : sg1

ISP 2 : sg2

All LAN subnets are different Vsys. For internet access we are using shared gateway for all Vsys.

We have configured pbf rule in each Vsys for accessing internet over ISP 2 ,

...

Resolved! PA-220 Throughput Explanation

Can someone please tell me the maximum Upload/Download speed in megabits per second for a PA-220 with app-id and all threat prevention/ips features enabled along with an ipsec tunnel? The data sheet is a little confusing and I understand that it base...

help with subnet bandwidth usage report

as you know QOS show you live statisics for the class and how much bandwidth it is using , my need is to get historical data for the same thing but like throughout the last month? is that possible?

Resolved! PA-820 Global Protect capacity

Hello guys,

I want to know how many users can connect via GP VPN concurrently on PA-820?

thank you in advance!

Resolved! Concurrent users of Palo Alto 3020 SSL VPN

Hello, I need to know how many concurrent users the Palo Alto PA-3020 device can support. I know what has capacity for 1000 VPN tunnels (Ipsec, SSL, ETC), and I understand that the PA 3220 supports 200 concurrent SSL VPNs, but how many concurrent use...

Changes to GP Gateway IP Pool

Hello,
Any idea if following 2 changes to GP Gateway IP Pool will affect the current sessions?

1) Expand the current pool from /24 to /22

2) Adding new pool entry

How to configure ipsec vpn between palo atto and fortigate firewall

How to configure ipsec vpn between palo atto and fortigate firewall .

VPN flow is following

Remote Lan (191.168.1.0/24) >>>> Fortigate (192.168.10.2 private ip)>>>>>Cisco router(203.1.1.2/29)>>>>>PaloAlto(202.1.1.10/30-public ip)----Local lan

fortigat

...

ha_nat_policy_mismatch counter

Hi Everyone,

What exactly does the below counter indicate and what would trigger it?

ha_nat_policy_mismatch

I have added L3 interfaces to an existing A/A HA cluster that uses vwire interfaces in an asymmetrical traffic environment. The traffic on thos

...

GP Gateway Adding additional IP Address range

I need to increase the GP IP range. Is this as simple as adding an additional pool?

Bulk update of objects

I have a requirement to update the 100s of /32 address objects which do not have a CIDR. Does anyone know of a script or other means to do a bulk update of the addresses to append CIDR?

Resolved! i2c bootup errors (PA200)

A friend of mine found a PA200 at a thrift store for $5.00 (without a power supply) I plugged it in today to see what state it was in and it looks like it had a rough life... All the guts are still inside and everything is clean and connected however

...

Global Protect won't connect to Iphone MAC

Hello All,

We have Global Protect License for mobile we upgraded recently to 5.0.8 and i see my iphones will not connect.

did any one face this issue ? Works fine with windows and desktops only with iphone i face the similar issue.

Any help will be mu

...

Different deployment mode in different VSTS

Hi All,

I would like to know whether it is possible to use different deployment mode (L3 or L2) for 2 VSYS of a same physical paloalto firewall box.

We have 5620 and 5680 model.

Thanks and regards

Chandrajit

Discussions

Resolved! Configure MAC based Security rule for SSL VPN User

Resolved! Query on Advanced feature use for GlobalProtect