Did you know that you can help your fellow community members by accepting solutions when a reply answers your question Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature
...
Trying to migrate the configuration of fortinet and juniper, after loading configuration and when going to create final .xml file there were some errors. like mask and service port. After changing all object with correct port number and subnet masks
...
Hi guys,
My customer configured the Custom Report with enabled schedule so PAN automatically generated Custom Report and sending a Report to Customer Email address. It's a good work for us.
Customer don't want the report that no data contained caused n
...
This came up as a question during a class and to my knowledge there is not a way to limit the number of logged in administrators, however the student asking presented a reasonable case; In a service provider or large enterprise environment during a
...
We are a small shop and have a single PA-200 with one internet connection. We would like to add a backup internet connection using a Cradlepoint 4G router. What is the best way to configure this and how do we control the fail over or manually changin
...
How to exclude H323 and SIP inspection for Video calls on Palo Alto?
Thanks in advance !
Regards,
Velmurugan K
Recently as part of our PA-3200 deployment been going through the joys of implementing NIST SP 800-70 configuration controls which in this case means the DoD STIG's (specifically Firewall and IDS STIG, v8 r17) and running into a problem which I notic
...
I have created site to site vpn tunnels from a palo alto 3020 to ASA 5505 firewalls. The show green and active through the CLI and the web console. But when I try to ping a server on the other side of the tunnel I get no reply, is the tunnel up? Is i
...
Hello,
Anyone know the monitor interval of nfs on panorama?
In my case, there is a cluster which include 2 nfs server, everytime when the nfs cluster faliover were happened, the panorama will restart itself to change logdb, I found that all the time o
...
We are running a PA-500. Given it's abilities I am wondering if a DMZ is absolutely necessary. Note: I realize this is a wide open question, what servers are we using, what operating system, etc. I am curious in more of a "general" sense.
There ar
...
Hi all,
While trying to setup LSVPN on our HQ Palo Alto device, we ran into a U-Turn NAT issue. Let me first explain the setup:
We setup an OCSP responder using a loopback Interface on the PA firewall. The private IP address of that loopback interface
...
I am running PanOS 6.0.3. I have a decryption rule that perfectly works most of the time. However I realized that in some specific situation it silently blocks the traffic. As I am quite new on Palo Alto, I do not know if I am misunderstanding someth
...
Hi,
is there a way to mask or hide User-ID or IP-Address in ACC View for compliance reasons? I know the command "set cli hide-user | hide-ip"
Does this affect also the GUI view in ACC?
Thanks
Hi,
Just checking this will work:
users---[switch]---[a/p ha pa500's]---[switch]---ntu
So the service provider requires a PPPoE client to use the link. The SP only allows one port on the NTU to be used and only supports a single PPPoE session.
Can the P
...
Hi all,
Please help to config in PAN devices a rule to send alerts to admin when large files, say geq 100Mb, are uploaded to Internet.
Thank you.
OtakarKlier
on:
Restricted tcp flow throughput in a VPN tunnel
reaper
on:
password reset for user through support.paloaltonetworks.com
OtakarKlier
on:
Disable USB Port on Firewall
PavelK
on:
Web Auth FW with HA
reaper
on:
Negate Deny Rule
reaper
on:
Generated custom reports have different results
