General Articles
LIVEcommunity's General Articles area is home to how-to resources, technical documentation, and discussions with Accepted Solutions that turn into articles related to all Palo Alto Networks products.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
About General Articles
LIVEcommunity's General Articles area is home to how-to resources, technical documentation, and discussions with Accepted Solutions that turn into articles related to all Palo Alto Networks products.
A Nominated Discussion on implementing automatic safeguards for GlobalProtect against brute force attacks.
View full article
This Nominated Discussion Article is based on the post "How to Renew Global Protect VPN certificate signed by third party vendor? " by @tthapa23  and answered by Cyber Elite @aleksandar.astardzhiev! 
View full article
New End-of-Engineering (EOE) and End-of-Life (EOL) dates for the GlobalProtect App 5.2.X releases for Windows and macOS.
View full article
This article is based on a discussion, Dual ISP Global Protect Redundancy, posted by @DonohoeRobert. Thank you for the insight!   Hi Team,    I hope ye all are well. We recently worked a case for a customer that had dual ISP configuration and wanted the Palo Alto Networks device to provide redundancy for the Global Protect Portal and Gateways in the event one ISP went down. We came up with a handy way of providing this using NAT rules and a loopback and I am posting this to share with the community.    There are some screenshots from the lab below. Eth1/1 & Eth1/2 represent ISP-A and ISP-B.       We popped the Global Protect Portal and Gateway on a loopback interface.               We created two NAT rules to bounce the incoming traffic whether its from ISP-A or ISP-B to the loopback address.            The system has two Virtual Routers for both ISP's. VR-A and VR-B. VR-A has the loopback interface added.            Virtual Router B has a static route to VR-A which has a route to the loopback interface with the Portal and Gateway.          This simple setup allows access to the portal and gateway from either ISP interfaces. We simulated one ISP failing and changed the A record of the portal fqdn to resolve to the other interface and the users could connect without any input or changes from the end user. There are a number of ways to automate dns integrity and failover to resolve to a different ip address if it can't resolve to another. Beyond the scope of Palo Alto. Infoblox and Route 53 can provide these features. If you just have an MS server, changing the A record from one IP to another isn't a massive task.   Hope this helps few others and is nice way to provide an extra layer of redundancy for networks to big to fail.   Best regards,   Robert D 
View full article
While we embrace changes happening in our communities around the world, Palo Alto Networks wants to do its part to ensure that your networks are secure with your increased mobile workforce helps to keep your business running.
View full article
  • 181 Posts
  • 257 Subscriptions
Customer Advisories

Your security posture is important to us. If you’re a Palo Alto Networks customer, be sure to login to see the latest critical announcements and updates in our Customer Advisories area.

Learn how to subscribe to and receive email notifications here.

Listen to PANCast

PANCast is a Palo Alto Networks podcast that provides actionable insights to customers, helping you maximize your investment while improving your cybersecurity posture.

Labels
Top Contributors
Top Liked Posts in LIVEcommunity Article
Top Liked Authors