Did you know that you can help your fellow community members by accepting solutions when a reply answers your question Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature
...
I have a few different clients with the same issue.
I have some FQDN address objects and I assign a TAG to each of those objects. Then I create a Dynamic address object group which contains address objects with that tag. Then I add the dynamic group t
...
Hi,
In Forwarding tab under PBR forwarding rule, what interface usually Ping or monitor the IP Address in Monitor option?
Thanks,
MBS
Looking to find out more about wildfire-upload-fail. Has anyone had any of these and if so were you able to determine the root cause?
Hi, im having problem accesing to my PA (i think because of UserID). If i try with local user its ok but with my LDAP user is not working. The users cant access via VPN neither.
I can see a lot of events about "connect-agent" and suddenly "disconnect-
...
Is there a way to whitelist some URLs that would be allowed without or before authentication via Captive Portal? What we are wanting to do is allow users to access email via Office365 without having to authenticate first on the captive portal. This
...
Is it possible in the PAN to do on-demand vpn tunnels? This is used quite a bit in the Cisco world.. especially for vendors.
They often are setup so the tunnel is configured but when the vendor needs to connect for support, the end-user needs to conn
...
Hi,
We implemented PA3050 as internal firewall. We configured it as L3 and caters up to 200+ static routes. When we try to remove a single route in virtual router and commit, approximately 20 minutes before it takes effect. Is this normal in Palo Alto
...
Hi There,
Is it possible to tie together a PANOS and TACACS+ for authorization of commands? If not, how it possible to restrict access for some cisco network equipment? Any ideas?
We have Mitel IP phone systems deployed across multiple IPsec VPN sites
The voice packets are marked EF (DSCP 46) and signalling packets are marked AF31 (DSCP 26) automatically by the IP phones and PBX.
Under QoS policies, there doesn't seem to be a wa
...
I have my Palo Alto setup to send emails out on critical alerts. If someone tries attacking an outside IP I will get 60 alerts sometimes all in a row. Is there anyway to get the email alert just once that the outside IP was hit 60 times as opposed
...
We had a near miss on our PA-200. Got it recovered (thanks, support team!) by reseting to factory default and restoring the configuration, but it would have been a lot quicker if we'd had a current configuration to restore from, instead of having to
...
Hi all,
Is there a way to block only sending an email from web-based email portals(all or common of them, hotmail,gmail etc)
so that users can read their email but cannot send any ?
Hi,
With more and more vulnerabilities in Java, I would like to know if there is any way in PAN firewall to identify and blocked non latest Java traffic? The goal is to identify machines and inform owners to update their Java version. If not then bloc
...
We have set up Global Protect with split-tunnel for mobile clients (iPhone, Android). The goal is that ActiveSync is using the tunnel to reach internal servers, and all other traffic can go directly to the internet. GP is set up to distribute route
...
Greetings all!
I have updated several PAN firewalls to 6.1. Today, I noticed this entry on page 5 of the guide:
Related Log Detail View Enhancements
To make it easier to correlate log information from a session, you can now click through
the related l
...
reaper
on:
Tunnel Monitoring
reaper
on:
Global Protect need to ask for password all time we connect
reaper
on:
GlobalProtect Android version 13 issue
