General Topics

Qos

Hi,

If I have 100 Mbps internet download speed ,

If I want to shape like below

Class 1 , 10
Class 2, 5
Class 3, 5
Class 5 , 10
Class 6, 5
Class 7 , 5
Class 8, 5

Do i need to assign Reamining 45 to (default class(4))

The interface is 1Gbps

So what would be the va

Palo alto site to any vpn ( SSL vpn configuration )

Hi Everybody ,

I would like to configure a senario . Please suggest me how to proceed on this .

Devices :  1 Nexus switch , 1 Palo alto 3020 , 2 MBPS internet connection ( ISP )

GOAL : I would like to configure a Site to any VPN ( SSL VPN ) over PA 3

issues after deployed VM-PA under VMware

Hello Community,

I'm creating a lab with vmware vsphere 5.5.

I deployed two firewall with the following network configuration in vmware.

The issue is from the firewall I can to ping to my untrust and trust interfaces. But when I doing ping to the lin

PA sends a reset(RST) when TCP session is timeout?

Could you tell me when TCP session is timeout, does PA firewall send a TCP reset(RST) packet to endpoint server/client or just close and delete the session from own session table without sending any packets ?

No Traffic/Threat/URL logs under Monitor tab

So I just stood up a PA-VM-100 fw on ESXi server and everything seem to work just fine except I am not seeing Traffic, Threat, and URL logs under Monitor tab on the WebGUI. I have spent past 48 hours trying to figure this out but to no avail. I tried

Browsing Summary by URL Category

When run user activity report Browsing Summary by URL Category does not any data ,any suggestions on cause.

Thanks

Panorama - address object use in templates

In panorama I'm having to mark address objects as "shared" in order to access them in a template.  I'm curious if this is by design or if I've done something wrong.  This panorama install is brand new so I'm still learning and the firewalls I'm setti

Facebook app post/refresh issues

Hello,

Since a couple of days users encounter problems with the facebook app, all those users are using an Android device.

It isn't possible to post new messages, refresh new facebook messages and also notifications can not be refreshed. It seems that

SYN packets dropped in HA mode

  Sorry for reporting this here rather than through the proper channels  but I am not a direct customer and our service provider who could submit this through the proper channels has not (at least to my knowledge).

  Our network is behind a pair of

MineMeld + Palo Alto Networks on Dynamic Block List

Is there anyone able to share on how to configure minemeld nodes to automate resolving/capturing the “*.google.com.*” dynamic IP address, so I could integrate with palo alto networks dynamic Block list feature to identify most of the google.com IP

Connecting L3 Port of Palo Alto to the Switch

Hi there,

On Palo Alto I have configured L3 interface and assgined ip address to it. I would like to connect this interface to the switch. The switch has an SVI configured with the port in the same vlan as the SVI. Can I connect the Palo Alto interfa

Stable OS

I am currently on 7.0.7 and was thinking of upgrading to most stable version.  Does anyone have any recommendation or cautions?