Active/Active HA managed by Panorama

In the Active/Active HA setup, there is an option to "Enable Config Sync".  In the past I have used this because I didn't have Panorama.  Now I have a new set of PA5050s that are running in Active/Active mode and we purchased Panorama to go with it. 

Large Scale VPN (LSVPN) - Opinions from end users?

I'm looking for feedback from customers who have deployed LSVPN on PAN-OS firewalls. I'm getting ready to rebuild a highly manual, semi-fullmesh VPN infrastructure of abotu 10 sites. Yes, I have a mess on my hands.

I am planning on a dual-hub and spo

HA strange behaviour

Hi, we have a cluster Active/passive PA3050 in PanOS 7.0.9. Yesterday we realised that one of our firewalls was having a strange behaviour (event HA), and this morning this FW was in maintenance mode, i had to reinstall the image 7.0.9 and cluster is

Zone Protection stats

I have recently setup/enabled some zone protection on one of my interfaces. I have set the values high since I have no way of knowing how much data is actually passing the interface and what threshold would trigger the dropping. Now that its running ...

Error login in back pages

Routing through same interface

HI

just ran into a very weird issue today.  A PA running version 7.1

The PA has IP 192.168.1.254 and it is the default gateway for the network. There is another network 192.168.2.0/24 reachable through 192.168.1.200. There is a route in the PA that s

Refresh FQDN failed

Hi guys,

I have a big problem.
My PA failed in refresh fqdn task and now the PA can't resolve Fqdn object.

My dns Setting are good and there is no drops between PA and DNS server.

Any advices?

Thank you!

Refresh FQDN failed

Hi guys,

I have a big problem.
My PA failed in refresh fqdn task and now the PA can't resolve Fqdn object.

My dns Setting are good and there is no drops between PA and DNS server.

Any advices?

Thank you!

Users randomly getting captive portal?

We're running a regular User-ID agent against our DCs.

99% of the time things are fine but we're getting calls from random people that every so often they're suddenly getting prompted to authentiate by the captive portal on the PAN and we cannot unde

NAT sessions troubleshooting

Hi,

is there a way to troubleshoot the NAT sessions in real time?

i know i can use , for example:

show session all filter nat-rule NATRULE

to see if i am hitting the NAT rule, but i have to keep issuing the command to do that. Is there a similar thin

pa200 connect to dsl modem

I want to connect PA200 to a netcomm wireless modem. I haveseen config where dls modem and wireless router are separate. Need help with connecting PA200 to netcomm box.

Multi Critera Show Command

One problem I'm running into with the Palo cli is the ability to search the configuration for configuration matching on multiple criteria.  For instance, I'd like to display output showing all disabled security policies that include a description.

I c

Port forward does nt seem to work

HI

imagine this scenario:

Internet 1.1.1.1 PA 2.2.2.1  ----  2.2.2.2 ROUTER 3.3.3.0/24 network

I am forwarding all packets received to 1.1.1.1 https to 2.2.2.2 https which then re-nat to 3.3.3.0/24 host

With a stupid dlink 50$ router instead of the P

Palo Alto 200 Setup for home use

I have been given a PA200 to setup at home to get myself familiar with Palo Alto firewalls.  I have a cable modem and wireless router that will need to be connected to the PA200.  I have followed the instructions on this article to get it setup:

https