Aggregate Ethernet Considerations

Hello Everyone, 

I just want to double check my understanding of AE interfaces limitations indicated below. Appreciate your feedback.

1. I cannot mix 1G copper interfaces with 1G fiber interfaces in the same AE. Is this correct for all platforms

PCoIP traffic getting dropped because it's using SSL

I have VMWare View clients and I'm trying to set up the rule with the vmware-view App-ID, but the traffic gets dropped at PCoIP. The PA logs are showing tcp/4172 as SSL, even though PCoIP has port tcp/4172 defined.

Is this an issue with the App-I

Globalprotect and simple SSL VPN?

It appears that, after a user has authenticated to a Globalprotect portal for the first time, they are prompted to download and install client software. Does Globalprotect (or Palo Alto in general) provide the option of simple client SSL VPN? ie; whe

Upgrade 6.1.x to 7.0.x

In the release notes of 7.0.5-h2 there is now this information:

Before you upgrade to PAN-OS 7.0.3 or a later PAN-OS 7.0 release, you should review the information about how to upgrade
a firewall to PAN-OS 7.0. Additionally, if virtual system (vsys)

interconnecting two shared Gateways

Hello Is it possible to connect two shared gateways on the same firewall using some internal method and not using physical interfaces ?

Service expiry

Hi,

What are the services will e stopped  if thelicence  expired ?

Thanks

Bug in password-string when using GlobalProtect with LDAP?

We had some users, who were not able to use VPN. they alway got XML parse-errors in the GlobalProtect Agent log.

We finaly found out, that this users had '<' or '>' in theire passwords. when thy changed theire passwords in some string without these

PA-VM Update Check Fails

We have recently deployed PA-VM to ESXi for testing and we have found that any attempt to upgrade the unit fails with a very vague message.

IP SLA - but not dual ISP. Receiving and Forwarding from the same Interface.

hi, I know PA doesn't have IP SLA and i've read documents that talks about using VR and PBF to handle dual ISPs.

this works with an ASA but not sure how to do it with PA.

But there's a slight difference on my implementation and it seems to fail with a

7.0.3 upgrade

I am planning on upgrading the PA 5050 os from 6.1.7 to 7.0.3. I have been reading over the changes and I think it would be beneficial to see examples instead of description of what changes are , anyone have any recommendations

Global Protect w/ OTP RE: disconnect/recovery timer tolerance?

We have implimented Global Protect with radius authentication, username/password and a second prompt for OTP, this works great most of the time.

We have noticed that when our users connect from poor WiFi, or internet connections, there are times wh