Can you have an Inter-VSYS shared gateway on a VLAN or subinterface?
I see you can have an interface assigned as a shared gateway for inter-vsys traffic but can you do that at a subinterface or vlan level? Dana
I see you can have an interface assigned as a shared gateway for inter-vsys traffic but can you do that at a subinterface or vlan level? Dana
I cam across a scenario where we need to migrate a virtual system from a PA device to another . devices are the same model . Is there any suggestions ? what is the best approach to this ?Also , if a PA device is running virtual systems how we can add it to cluster ? what happens to VSystems ? do they automatically replicated to the other node ?
Hello folksI have a strange issue in my lab , here is the scenario :VM-100 on ESXi PAN OS 7.0.5Inside interface connected to internal zone (10.0.1.0/24 network) outside interface connected to my home firewall ( 192.168.1.0/24 network) Interfaces have IPs on the same range as their zones : 10.0.1.10 inside interface , 192.168.1.10 outside. Modem ...
I want to find a way to tell which address and services objects are not applied to a NAT or security rule and which NAT and security rules are not getting used?Any Ideas on how to get this information?ThanksBane
For every wildfire-virus signature tripped in Threat logs should I expect to recieve a corresponding wildfire report in the Wildfire Submissions too? Could someone answer or point me to documentation please.
Hi, I'm not able to access to firewall once after upgrade FW from os version 6.1.4 to 6.1.10, any known issues or any possiabliity that FW gone to maintaince mode else reboot loop mode?? Please assist. Regards,Kotresha
After migrating from an ASA to PA3020, users reported that web pages were not fully loading. The issue was seen on the ASA but rarely. The PA3020 has been showing this issue more often than not resulting in a work around being done on the webpage. The trouble appears to be tied to how the F5 and Palo communicate. With caching enabled, the pr...
Hi,This is an really good tool for managing dynamic lists.So far I have tested a basic setup and I have a few comments/suggestions. * How do I change the ssl certificate for MineMeld.* Will you also implement domain blocklists soons (currently running 7.1 beta).* How about making our own miner. Information about this.* Will you also support ipv6...
Hi Luigi, .yml file for DagPush node in /opt/minemeld/local/config shows password of the device in clear text. It should be at least hashed. Thanks Regards, Bertrand
Is VMware ESXi with vSphere 6.0 supported?The technical documentation for the 6.1 virtual appliances states: "VMware ESXi with vSphere 5.0, 5.1, and 5.5 for VM-Series running PAN-OS 6.1."And the 7.0 documentation states: "VMware ESXi with vSphere 5.1 or 5.5 for VM-Series running PAN-OS 7.0."I've not found any information regarding ESXi 6.0 in an...
This is two parts:1) I configured Destination NAT rules and corresponding Security Policies to allow inbound access to servers on private LAN. These all utilize the Primary ISP public IP address. If I want these internal servers accessible over the Secondary ISP (as we already have configured PBF failover to the secondary ISP should the primar...
I am putting a PA firewall in our datacenter and am looking to have the firewall advertise the protected subnets out to the rest of the network. However, the rest of the network uses EIGRP, so the datacenter switch and the PA firewall will need to be setup for OSFP in order to have the routes advertised. I am thinking the PA OSPF instance wo...
How can I properly block youtube, because it's bypassing a PA-3050 on port 443 (https://)?
Unsure quite how to phrase my question. Under Policies >> Security: I have a Rule way at the top for McAfee ePO; tcp; port 8443.Settings that I have set are: Source Zone: Trust Source: IP address for a specific internal host Destination Zone: Untrust Destination Addresses: 2 different unique external hosts Application: any Service:s...
So are there any response available from PAN regarding the topic which you can read below? Like when are updates scheduled to be released, any mitigations you can perform before updates are available etc? Or are they already disclosed (and fixed) over at https://securityadvisories.paloaltonetworks.com/ ? Im thinking of: https://www.troop...
| Subject | Likes |
|---|---|
| 4 Likes | |
| 3 Likes | |
| 2 Likes | |
| 2 Likes | |
| 1 Like |
| User | Likes Count |
|---|---|
| 7 | |
| 5 | |
| 3 | |
| 3 | |
| 2 |

