Did you know that you can help your fellow community members by accepting solutions when a reply answers your question Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature
...
1) We have several PA-3020's running 6.0.1 in our organization with only a few admin user accounts which integrated with AD, so audit wants to know if we can delete the generic accounts like "admin" or "panorama"? Any negative implications to doing
Hi Guys,
Following on from my last post - Site-to-Site VPN - Palo alto to Cisco Router issue
i am experiencing an issue with my PA VM100, there is nothing in the traffic logs....
this is running on VMWare workstation 11
But there is traffic flowing thro
...
Hello,
I am new to PanOS devices, we recently got PA-200 router which is quite different from classic routers. Long story short - my problem is SSL traffic, I am trying to prioritize our traffic since for now we have only 10Mbit link, we have people w
...
I have a client that currently uses an ISA server to restrict access to back-end web servers. The users authenticate at the ISA which then redirects to the back end web server.
Palo Alto firewalls were sold as replacing this authentication mechanism
...
I have a PA-3050 and I need to add more QoS interfaces...I receive a message that says "constraints failed: Maximum number of interfaces reached". I can't find any documentation that states there is a max. number of QoS interfaces...where is it? If t
...
Hi,
We're facing an architecture where there are multiple address that needs to be used for a specific pool of IP from the LAN interface.
Let's supose that we have 3 IP PUBLIC address 10.X.X.2; 10.X.X.3 and 10.X.X.4 and the gateway has the IP 10.X.X.1
F
...
Dealing with my first experience with Palo Alto Firewalls. I am working with the vmware appliance version. I have two rules/policies current configured. One allows all traffic outbound and the other allows only ms-rdp traffic inbound. This is a la
...
Hello
I have a PA500 firmware version 6.0.7.
All interfaces are used, can I create a subinterface? I need to make a new segment. What is recommended to do that I need?
Thank you
I want to create an exception action for a specific antivirus ID (which happens to be outbound traffic). The default action is “alert” and I want this one ID to be “drop”. This is possible for the spyware and vulnerability profiles, but my problem is
...
Within the past couple of days I am starting to get reports from users that while trying to sign in with GlobalProtect they are receiving the following error:
Gateway X.X.X.X: Server certificate verification failed
No changes have been made on the PA.
...
I need to create a report of the number of users connector, but manager reports only allows me to order maximum 500 records, I need to create unlimited.
Hello, :smileyinfo:
We have a double ring structure and we are trying to implement the most appropriate settings for the Wildfire, according to the scenario that we have.
-A Cluster 2 firewalls External *OUT*
Model PA-500
WildFire Version 52587-59292
...
Hi,
please tell me, how can i block tor in pa device,
i create a rule with tor and tor2web , i set action to block but it is still runnning , it block skype too
IS that normal
thank's in advance
Regards,
Will RIP run over a VPN tunnel? I have a site to site to site VPN tunnel set up and an IP address set on my tunnel interface. I can ping the remote tunnel interface but I do not see the remote tunnel interface as a peer under RIP.
Found an issue on a customer's firewall. For some reason, the “source user” becomes unknown while students are using a web application called Istation. When that happens, the web traffic for that IP address becomes blocked by another policy. She w
...
reaper
on:
Tunnel Monitoring
reaper
on:
Global Protect need to ask for password all time we connect
reaper
on:
GlobalProtect Android version 13 issue
