PAN HA P/A with GLBP on core

Hi Everyone,

Is it possible to setup a passive/active HA setup when the core switch pair are using GLBP to load balance end-user traffic ? Essentially, I will have two cores in A/A and the PANs in P/A. I am using PA-500s.

Panorama connectivity issue

Hi everybody,

When I configured my new firewalls to register with my panorama, they didn't appear.

I checked the following points:
- Connectivity between my firewalls and my Panorama : OK => I do some packet captures on both side
- TCP bidirectional t

MT 3.1 and CheckPoint VSX

We're running a really old version of CP 71.40 running VSX with multiple virtual firewalls.

This document describes where to get a config file from, but this does't account for a virtualized enviornment and the file nor directory exists for these v

Resource-unavailable for http traffics

Hi All,

Some of the sessions are ended with Resource-unavailable reasons. Almost all traffics in these sessions are web-browsing and some updates traffics on port-80.

All https-443 are working fine. this issue happened for 4 hours on last week. 

creating vsys

Hi ,

I would like to create , vsys for routing .P resently fw is runnin in virtual wire mode .
How i can copy the same policy which is in another vsys

Thank you

what ports updates server is using ?

customer can not update lic through  method of Retrieve license keys from license server, Maybe their ASA stop some ports.

I want to know updates.paloaltonetworks.com is using what ports. Expect someone can help me !!!

User ID agent or agent less?

Hello

What is recommended approach to configure User-ID, agent or agentless? My scenario is, I have two centralized DC in HQ and there are 22 remote sites having two local DC each.

Also in case of agent approach, what is the best practice, where to

PAN-OS SSL Certificate Expiration

Hi,

I am currently install  6.0.10 ,and content version 548-3081

still do i need to upgrade to 6.0.12 before the expiry

Thank you 

URL Filtering for Roaming Devices

It's my first post on the forum here. I've been working with PA products in the enterprise for about 2 years. 

Just out of curiosity, what are organizations doing for company owned roaming device URL filtering (if at all)?  Obviously one option i

Palo Alto firewall interface not coming up ..it is going though gigamon

During the firewall migragration our Palo Alto link did not come up.

When we check it is going though gigamon and not coming up ...not sure what to do for that ..need help/guidance ....