General Topics
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

The Enhanced LIVEcommunity Experience is finally here! Learn all about it.

Forum Posts

Registration now open - Interactive Event!

Hi everyone, If you haven’t already seen, registration is now open for our first interactive event all about the Best Practice Assessment (BPA) tool! You will be able to connect with subject matter experts, share best practices, and learn how this to...

jdelio by Community Team Member
  • 48 Views
  • 0 replies
  • 1 Likes

Resolved! GlobalProtect, Working from Home, Prisma Access and Covid-19

To all, Just wanted to post a message about the Hot Topic right now, which is Covid-19. With all of this going around, everybody's health and safely is the utmost concern. Keeping your hands clean, washing your hands (A LOT), using hand sanitizers, a...

jdelio by Community Team Member
  • 16756 Views
  • 45 replies
  • 32 Likes

Resolved! Destination NAT of ESP and GRE

Hi all,I'm hoping somebody might be able to help with this unusual scenario please?I have been tasked with replacing an old linux based firewall with a PA-500 device.Initially the configuration of the PA-500 should just replicate what the current fir...

dyoung by L4 Transporter
  • 2875 Views
  • 3 replies
  • 0 Likes

Resolved! Global Protect 2.3.1 and Windows 10 support

HelloI try to check it in pdf https://downloads.paloaltonetworks.com/software/GlobalProtect-Agent-2.3.1-RN.pdf?__gda__=1438918935_ba8887ff43fdf2364df6…but there isn't such information :smileysad:Could someone tell me that Windows 10 is supported ?If ...

_slv_ by L4 Transporter
  • 1550 Views
  • 2 replies
  • 0 Likes

Resolved! High Availability VWire

I am setting up a HA pair of 5060s in vwire mode between two Cisco ASA's and the internal switch. the ASAs are set up has HA.What is the best way to set up the 5060s in HA to ensure they notice when the ASA fails. I do not want a scenario where the A...

DHCP not passing thru the 500 in wire mode

I am using a pa-500 as just a web proxy, I have clients sitting in different vlans connected to a ASA5512 that is acting as the router/FW and has DHCP Relay setup and was working fine. I added the PA500 between the ASA and the other network as a web ...

jtribble by Not applicable
  • 1223 Views
  • 2 replies
  • 0 Likes

BGP setup - "max prefixes" question

We have a pair of 7050s that are Internet-connected via three ISPs. The ISPs are sending a limited set of routes (essentially the IP space they "own) down to our border routers. We want to replace the static default route we're using with BGP between...

How to configure a pa-500 with 2 inputs

I have a PA-500 running as a web proxy, The connection from the inside is a ASA-5512 (required), except that I have 2 5512's running in active-standby failover mode. How do I connect both 5512's into the PA500 so that if a failover happens the traffi...

jtribble by Not applicable
  • 2226 Views
  • 10 replies
  • 0 Likes

PA device responds to unwanted ARP requests

Hi,I've stumbled upon a tricky situation that I've managed to resolve but still don't know why PA did what it did.The scenario is as follows:1) Internet traffic comes into PA from the WAN zone, internal users use the LAN zone.2) There is a DMZ switch...

Session behaviour during vrouter changes

Hi everyone,We've got a number of virtual-routers in our PA-5050s and we're looking to do some consolidation to simplify the configuration. Basically, we're looking to reduce the number of vrouters by moving interfaces that are currently in different...

Mack by L2 Linker
  • 558 Views
  • 1 replies
  • 0 Likes

Resolved! Clientless Remote Access VPN

Hello,We've just purchased a PA-3020 in order to replace an old Checkpoint. We have a few site-to-site VPN, and some other VPNs using a Checkpoint client. I would like to get rid of the clients and use some king of clientless VPN, so I won't be bothe...

H in IP address

Hello, through panorama I am looking at my threat logs and noticed under the attacker column there is an H in front of my IP Address. What does the H mean ?

Ipsec VPN issue with checkpoint

Hi Friends,We have an IPsec VPN tunnel configured with CheckPoint firewall. Basically, when our Phase 1 expires after 24 hours, if a Phase 2 key is still within its 1 hour lifetime, we receive no response back. Only after the Phase 2 key expires and ...

Satish by L4 Transporter
  • 3809 Views
  • 4 replies
  • 0 Likes

PA-VM on ESXi - L2 Topology Design Questions

I'm looking to deploy a pair of PA-VM 200s running 7.x on a vSphere 5.5 cluster and would like a sanity check on the design.My client's network currently has one large VLAN that houses most of their servers. For the sake of this example, we'll say it...

bkeifer by L1 Bithead
  • 886 Views
  • 1 replies
  • 0 Likes

GlobalProtect commit fail on PAN-OS 7.0

help me please.config ip pool for client access but commit failcommit log messageOperation CommitResult FailedDetailsmissing ip pool from both dynamic ip pool and authentication server ip pool for config 'default' in gateway GP-Gateway (tunnel GP-Gat...

Dent by L1 Bithead
  • 2461 Views
  • 5 replies
  • 0 Likes

App downloading issue for wi-fi mobile users

Dear Friends,Need your suggestion for below issue.PAN OS 6.0.9Unable to download app from play store thru mobile.There have wi-fi environment, when mobile (smart phone ) users connected thrue wi-fi, he is able to browse internet but not able to downl...

Satish by L4 Transporter
  • 1568 Views
  • 8 replies
  • 0 Likes