Migration from Juniper to Palos

Hi all,

We're in the process of migrating from Juniper ScreenOS devices onto our new Palos and I have some questions about ALGs and service timeouts.

On our Junipers, there were a couple of ALGs that we had to turn off due to them mangling the applicat

TCP 135 traffic coming from firewall IP to internet ip's?

We received notice from our ISP of flagged traffic coming from our firewall's internal ip address to many internet ip's via tcp 135. User ID is turned off on the public facing security zones. We are on PanOS 6.0.0

Anyone else seen this? I set a securi

Are the Services for URL filtering/Threat/Antivirus the same across all devices?

I'm looking at replacing my older PA boxes and see many improvements in the physical capabilities of the newer devices. As I was looking at the full range, I was wondering if the services for each device is different.  Are the URL Filtering, Threat P

PAN Bandwidth Monitoring & Reporting

Hello,

is there a way to generate a bandwidth usage charts from the web GUI or CLI (in Mbps)? I need to be able to show what applications are consuming bandwidth at certain times during the day.

The current usage reports in Network Monitor tool only sh

Troubleshoot sending iCloud email

I have just installed a PA 3020 and it's great. I'm still pretty new to the device though and need some help troubleshooting iCloud email. I can receive iCloud email on all devices. I can send iCloud email from a browser. But I can't send email from

Internet Edge Placement

Hi all,

We are in the process of re-designing our network topology and I have a question regarding the placement of our Internet firewall:

- place the PA firewall directly on the Internet (with default gateway pointing directly to the ISP's gateway)

-

Upgrade to 5.0.11 = High Amount of Global Protect Failed Auths

We upgraded one of our 5020's from 4.1.13 to 5.0.11 about 2 weeks ago.  Ever since then, we have been seeing an unusually high number of failed auths from Global Protect.  Has anyone else experienced this?

The attached graph was made in Excel.  I used

Shared Policy Zone Check

The Shared Policy option in Panorama is most useful, however I have found an issue with it which I think could be resolved in one of two ways, what I need to know is do either of these two ways exist?

Scenario

When using the Panorama Shared Policy to p

Causing change in ARP Table Entry (PAN-OS 5.0.8)

Hello Everyone,

   One of our Application Support Teams were trying to move from using servers being an ACE to servers behind a NetScaler last night... as part of the ensuing situation I was asked to check and if necessary clear the ARP Table on the P

What are the subscription licenses happened if the hardware license is expired?

Dear all,

As the title, for an example, I had a box and it's hardware license (as 'Premium Partner Support" license) is expired now, but the "Threat Prevention" or "Wildfire" license are available, what the box will be?

- We can also update the signatu

known and UNknown BUGS

Hi All,

Have You any information about known and unknown (if it possible of cos'      ) bugs that not published at the time?

Alex

TCPDUMP shows syslog traffic going to a specific destination - How to figure out what is sending it there?

I am hoping this is an "easy" question that I am just missing having been on calls since 4:24 am this morning :smileyconfused:

I have used tcpdump to confirm that one of our PAN firewalls are sending syslog traffic to a specific destination (w.x.y.z)

What does "Count" column mean in the "User Activity Report"?

What specifically does "Count" column mean in the "User Activity Report" ?

If the the number in the "sessions" column reads 4.8k, specifically what does that mean in a user activity report?

See the example below.

Application           App Category