Hello Experts I would like to create firewall rules from script to generate CLI commands. How to push these commands from Panorama to firewalls? Regards, GR
Hello Experts I have more than 100 policies on PA firewall with service ports and application any. Manually identifying the application for each rule from logs and creating the rule with specific application on top of that rule, is really time consuming and lot of work required. Is there any good way from Panorama or any other script or tool, I ...
Hello, I'm in the process of preparing two PA200s for our satelite sites. We are using Panorama to configure all of our firewalls and I'm trying to keep all my configs in the templates but am torn when it comes to the VPN configuration. My main concern right now is that we haven't received our IP's and routing info from the ISP and we need to...
Hi All, I have a question for you related to "Global Protect Client".On the endpoint I have a certicate installed, that is trusted by PA firewall imported from an internal CA.With this certificate it's possible when connecting to the "Global Protect Portal" via web, retrive the username and autocompile the related field on the webpage.Is it poss...
What would cause the data plane that has been running aroun 25% start running at 35-40%? Is there away to track down the reason
Hello Experts Can we group the security policies like all AD related rules in one group. This functionality is there in Juniper NSM and checkpoint. I am wondering how I can achieve this in PA. May be through tags?
Hello Experts Could anyone suggest the best way to name security policies as per their experience? Regards, GR
I am tring to move the /opt/minemeld/local/config directory to a new image of Minemeld I have running in AWS. I can scp the config directory out of my exisintg Minemeld using winscp but when I try to copy it into my new Mindmeld image it always aborts. It appears to be a permission issue but not sure how to around this. I am logged in via wi...
Hello Experts I was just wondering how firewall session is created for inter-vr communication. I have scenario like this: Interface eth1/1 (Trust-VR) Trust Zone ---LAN (10.10.10.0/24)Interface eth1/2 (Untrust-VR) Untrust Zone ---INTERNET In Trust-VR, I have 0/0 default route towards Untrust-VR, I have created the security policy between Trust to...
Hello I have scenario like firewall is connected to two routers R1 and R2 through eth1/1 and eth1/2 interfaces respectively. From firewall, traffic is going through R1 via eth1/1 interface and return traffic is coming through R2 via eth1/2. This is asymmetric routing and firewall tcp syn check will fail. My question is that Palo Alto firewall c...
Hello all, is palo alto is capable of detecting password bruteforce attempts on windows login, for example, if a user put the password wrong many times while he was trying to login to a machie inside a company, is palo alto capable of detecting this kind of activity, i am not talking about HTTP or SMB bruteforce, i am talking about kerberos auth...
Hi, this is the scenario: - ISP1 : only for GlobalProtect-ISP2 : only for Internet access ISP1 has distance 10 and metric 10ISP2 has distance 10 and metric 15 in this scenario the ISP1 interface responds to Global protect gateway/portal no problem. Also ISP2 pings, and i can access management through ISP2 public ip. If i change the metric to ISP...
We've discovered what we consider a handy feature: creating a vwire with a single interface on one side and a LAG on the other side. This lets you connect a network device with no redundant network connection capabilities to a LAG on a pair of switches for redundancy. We are using this to connect a router and a remote access box to two switches ...
http://urlfiltering.paloaltonetworks.com/testASite.aspxI am having issues getting to the test site.Are the servers down?
Hi,i'm looking for a solution for VPN, that will support authentication in Active Directory and will support Two Factor authentication with OTP.I read that GlobalProtect can provide me all features.My questions:is there any Palo Alto native VPN client or WEB client only ?if there is native VPN client: - does it support Windows 10 and OS X 10.11 ...
| Subject | Likes |
|---|---|
| 2 Likes | |
| 2 Likes | |
| 2 Likes | |
| 2 Likes | |
| 2 Likes |
