Doubt about security rule

Hi,

I have to create a rule bidireccional between two of my servers. My question is, do i have to create two rules to allow the connection in both flows, or i could only create the rule TRUST TO DMZ and the way back would be permit too?

Its a bit trick

How Does UserID work in Active-Active HA

I have found little information on how this works other than the Primary Device makes the UserID Agent connections and sends them to the secondary.

User to IP Mappings

What I have found which is of note is that when the primary sends the userid mappi

Rate limit port forwards

Hey guys,

Some of the iptables servers I'm replacing with Palo Alto firewall provide port forwards to RDP servers. In order to prevent abuse, they were rate limited, such that a single IP can only connect a few times before being blacklisted for a few

ldap user authentication in security policy not working

i have configured  ldap server profile with "base=" and "basedn=ldap string " and domain= blank.

in group mapping under available groups only groups are there and no users can be viewed. i have included two groups here. which  is added in security pol

Automated alerts when Log Forwarding stops / freezes?

Hey Community -

Wondering if anyone has come up with a good way to automate an alert / alarm when there is an issue with a Firewall reporting to a DLC (distributed log collector)?  We have about 27 firewalls all of which send to 1 of 4 log collectors

WildFire Capacity Issues - Confirmed by Palo Alto SE

Apparently Palo Alto have confirmed that there are times when WildFire is simply too busy to serve all update requests (we've been seeing frequent failures).

Can anyone from Palo Alto comment on what the capacity situation is, what is being done to re

PAN-VM license upgrade from eval to full with HA setup

Hi,

I have two PAN-VMs in HA setup running on eval license and just got my full license Auth code but it seems like going from eval license to full license  can not be done seamless. I have read about the cloning procedure but need to know how I shoul

URL Filtering Log shows FORWARD

Hey All -

I have several URL-Filtering logs that come through with a category of FORWARD.  Everything else is blank (URL, From Zone, To Zone, etc.).  Can anyone shed some light on what this means?

Thanks!

Matt

Decryption certificate

Hi,

I have a PA500 (OS 5.0.11)

I already configured it for SSL Decryption with a self signed certificate.

I need to use a Digicert Certificate. I already have a wildcard certificate with Digicert.

Question is: can I use my wildcard certificate for SSL De

FTP

How can I verify whether port 21 ftp traffic is being blocked by the PA 302?

Tunnel

I have a vpn tunnel that works fine most of the time and then is just goes down for no reason any suggestion