Join us live for an in-depth look at the latest advancements in cybersecurity, best practices, tips and tricks, demos and
more to protect your business and defend against threats in real
Hello All,
Is there supported to create virtual wire aggregate group ae1 with 3 physical interfaces and another ae2 with another 3 physical interfaces, then form virtual wire with ae1 and ae2. Point of this setup is to put PA between two switches with
...
Hi Friends,
please suggest,block gmail personal ID and allow gmail official ID in palo alto.
Regards
Satish
Reading the documentation and forum posts, it doesn't appear that the PA is using LACP, therefore, it's not using one of the 3 common LACP load balancing algorithms.
Could someone describe how it's making the decision to send traffic down a particular
...
Greetings,
Say we have an interface that is configred the following way:
e1/2.240
Tag: 240
IPv4 Address (two addresses on the interface):
-10.10.100.1/24
-192.168.100.1/24
Now, if that interface is configured as a DHCP relay, which network is it going to se
...
I am very new to the PANOS world so I will apologize in advance if this is obvious, however my search of documentation and knowledebase did not yield anything. I have been looking for a way to administratively shut down sub interfaces. Is this possib
...
We have reports of certain users not being able to access our public website but majority of users are able to. The traffic log shows that the application is incomplete. Packet capture reveals the 3-way handshake does not complete and the session tim
...
hi,
is there a maximum number of bgp route entries supported for the 5000 series ? does it support a full ipv4 routing table ? i cannot find any docs or data sheets with this kind of limits detailed...
thanks
Has anyone had success connecting Avaya IP phones via VPN to PA devices? I am able to complete IKE Phase 1 authentication, but fail Phase 2 due to local/remote proxy IDs not found:
'IKE phase-2 negotiation failed when processing proxy ID. cannot fin
...
I would like to check a few DNS issues I'm seeing on the management port.
I had hoped to find nslookup in the CLI, but it isn't there.
Is there something equivalent ?
Thanks.
Hi,
I'm wondering whether is there a way to set the PAN Firewall to detect and drop TCP 1323 Timestamp queries to servers?
According to some web vulnerabilities scanning reports, it is reccomended to disable the TCP Timestamp as it discloses server upt
...
We've got a Cisco 7301 routers that forms OSPF adjacencies with an HA pair of 5020 firewalls. Recently I swapped this router out with a different router with the same IPs but different configs to test a new WAN connection. OSPF forms up just fine w
...
Installed the latest round of Windows (and driver) updates. 1-3 seconds after GlobalProtect connects, I get a BSOD and reboot. I've read through various memory dumps and it's always one of two issues.
pangps.exe -
IRQL_NOT_LESS_OR_EQUAL (a)
An attemp
...
Hi all,
I have a question, is it possible to write a rule that matches only a part of the IP address? For example match any IP ending in .51? Using wildcards this would be *.*.*.51
Put another way, i would like to match all IP's that are x.x.x.51 wher
Hallo,
I have defined a IPSec VPN connection with following params:
ike: 3des/sha1/dh5 Lifetime: 8 hours
ipsec: ESP/3des/sha1/dh5 Lifetime: 30 minutes (life size not set, shows 0MB)
ike gateway: main mode, DP enabled
The connection is established but in s
...
Hi All,
I have couple question in mind when I’m think about implementation PAN firewalls in Data center design. In reviewing design guide “Designing Networks with Palo Alto Networks Firewalls”, mostly where described perimeter firewall with upstream u
...
