General Topics
cancel
Showing results for 
Search instead for 
Did you mean: 
General Topics

Discussions

Thank You for Filling Out the LIVEcommunity Experience Survey!

If you've visited LIVEcommunity anytime recently, you've probably seen a pop-up asking for your feedback. We've deployed this survey since April 2020 for new and returning visitors alike as a way to gather feedback from our users. 

 

In the past six

...

survey-livecommunity.png
jforsythe by Community Team Member
  • 560 Views
  • 1 replies
  • 4 Likes

My own PA guides

All

I'm writing step-by-step guides for PA firewalls which are based on my 'virtual' test environment. I already have some guides available which you can find on my website (see profile for URL).

More documents will be added (soon) after when I've done

...

JohanL by L1 Bithead
  • 469 Views
  • 0 replies
  • 0 Likes

Resolved! Global Protect Setup

I have attached pictures of my current Global Protect setup. Now we have had a request to allow IPAD's, and Android tablets on to the VPN. Can I have multiple profiles? One for our Domain laptops and one for tablets? I see from the documentation that

...

Resolved! Selective cut-paste of the config

Hi,

I have to deploy 9 PA boxes. I would like to create all objects on one box and copy that section to all the boxes. How do I achieve that? The config seems to be in XML format and section cut-paste is not working on command line. So far only way I

...

smunzani by Not applicable
  • 2593 Views
  • 5 replies
  • 0 Likes

Number of supported Global Protect clients per box ?

In all the specifications sheets there is a different number listed for the concurrent SSLVPN and IPSECVPN supported clients.

eg. on a 5020

  • 2,000 IPSec VPN tunnels/tunnel interfaces
  • 5,000 SSL VPN Users

I find these number very confusing :

Globalprotect

...

Resolved! Threat Prevention Throughput

Hi,

Just want to know if there is a way to see how much threat prevention throughput is consuming? The command I use to check for the current throughput is show systems statistics sessions but I believe this is for the firewall throughput. Please corr

...

Blocking jar and class files. What about *.pack.gz?

To mitigate the threat of the non stop java exploits Ive started to block jar file and class files. Now in the data filter logs i spot *.jar.pack.gz files. Im wondering about a few things

  1. Is blocking jar and class files a good mitigation against brows
...

choff123 by L3 Networker
  • 1480 Views
  • 3 replies
  • 0 Likes

Resolved! flow_inter_cpu_nat_mismatch

Hi All,

   Noticed this Global Counter incrementing on our 5060 platforms ( running 4.1.x code ). When messing with the command "set session processing-cpu" and pointing all new sessions to a single CPU the counter stop incrementing (makes sense, no i

...

dpenhall by L2 Linker
  • 643 Views
  • 1 replies
  • 0 Likes

Shared Application Groups in Panorama Version 5

In Panorama Version 5 it can be configured that address and service objects are only applied to firewalls which actually need these objects because they are used in the policy. Unused objects are not pushed to the firewall. However we found out this

...

Anon1 by L4 Transporter
  • 654 Views
  • 1 replies
  • 0 Likes

GlobalProtect Vsys issue

Hello

I want to configure GlobalProtect Remote Access to limit the connection to a Vsys from external administration users to just the ones that uses VPN.

I have tried on a PA-200 and works but There's an error when I configure the same settings on PA-

...

Resolved! Routing Daemon

Hi All. Could you please let me know the routing daemon used in Palo Alto firewalls.

Thanks in advance.

Hari.R

Resolved! DHCP - Getting info on allocated IPs

We have our PA-500 setup on our company's public network.  This network is used by employee's personal machines and clients machines when they come into our office.

We have run into a few situations that we can see someone is most likely infected as t

...

smithp by L0 Member
  • 779 Views
  • 1 replies
  • 0 Likes

Need another BGP instance on Virtual Router

So I need another BGP instance on a virtual router of mine... but ive read that its not possible


Admin Guide

The firewall provides a complete BGP implementation that includes the following features:

Specification of one BGP routing instance per virtual

...

choff123 by L3 Networker
  • 1460 Views
  • 2 replies
  • 0 Likes

Resolved! PanOS 5.0 on-device User-ID agent

Hi,

I have installed a PA200 with PanOS 5.0.2 and on-device User-ID agent. I have connected my device on a network with a DC Windows 2008R2 and I have configured User Mapping and Group Mapping Settings as explained in the Getting_Started_Guide_PanOS 5

...

lauro7 by L0 Member
  • 1091 Views
  • 2 replies
  • 0 Likes

Resolved! Problem with interzone U turn NAT

Hello,

I followed the instructions in the paloalto "understanding NAT-4.1RevC" pdf for implementing U turn NAT.

It works when I try to access a server in the DMZ from the trusted zone via it's public untrusted IP.

I have now a web server which somehow t

...

Top Solution Authors