Did you know that you can help your fellow community members by accepting solutions when a reply answers your question Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature
...
IS there a step by step of the best way to migrate from a Cisco ASA 5510 to a PA 3020. We are replacing our current ASA 5510 with a PA 3020.
According to https://live.paloaltonetworks.com/docs/DOC-2835 the (current) certified formats for use with CEF is:
Traffic
CEF:0|Palo Alto Networks|PAN-OS|4.1.0|$subtype|$type|1|rt=$cef-formatted-receive_time deviceExternalId=$serial src=$src dst=$dst s
...
Hi,
The bypass switch detects heartbeat from Palo Alto firewall to determine if it is alive.
What happens if, by any chance, PANOS become unresponsive but the hearbeat ping is still alive? will the bypass mode be ON?
anyone having this experience with
...
See here for examples:
Exporting Check Point configuration from Security Management Server into readable format using Web Visualization Tool
http://www.checkpoint.com/techsupport/downloads/docs/firewall1/r54/WebVisualizationTool.pdf
We're getting ready
...
Hey all,
Do you find it annoying you can not copy security profiles and log options the way you can copy zones, objects, user, applications and services from one security rule to another through the GUI?
Manually adding the same security profile for a
...
Hi there,
I'm looking for some insight on the best security design for several externally accessible web applications. We have several public IP addresses available and can simply do a 1:1 NAT for each web server, put it in a DMZ, or both. Each web se
...
Hi,
we created a user with device group and template admin role(only selecting monitor allowed)
also created a user with that role and choosing only 1 vsys for access control
when we logged in with that user we can see other vsys's traffic logs which ar
...
Hello everyone,
Has anyone installed an PA-5000 series (PA-5020 and PA-5050) with a standard twinax wire? I want to connect a PA-5020 and PA-5050 to a Juniper SW with a twinax cable (EX-SFP-10GE-DAC-5m), and I want to know if it is possible or if anyo
...
Currenly all routing must take place on our core network. (due to backup ipsec tunnels and faster MPLS circuts)
Here is what we want to do but I am not sure how to accomplish this.
We have four IPsec Tunnels that we do not want to be routed to each oth
...
How would one implement a man in the middle SSL decryption configuration on the Palo Alto without the client's browser popping up with a untrusted cert message?
Hello,
I am testing about VM-FW on ESXi environment.
But Traffic from VMs don't go through Internet.
There is VM-FW between VMs and Internet.
So I have checked PCAP and packet filtering.
I have seen all packet drop.
Drop count name is 'flow_meter_host_thr
...
Hi guys,
I've found out that our customers PA keeps high management cpu usage, and it seems that this process use most of the resource.
what's the 'appweb3' process and why the user is 'nobody'? Is there somebody who can explain this??
Thank you very m
...
We have couple of Paloalto 5050 firewall, which license got expired recently. Is it possible to connect these firewalls with Panorama.
After device has been added in Panorama with device serial number, it is not connected and device IP details not s
...
What's wrong with the URL filtering and logging of the PaloAlto FW? We have many URL logs like '%16%03%01/' when users visit SSL websites.
Is URL detection for SSL websites broken?
Are there other users who have this problems?
We are not 100% sure but i
...
Hello,
I am testing VM-FW(VM-series)
I have ESXi running sphere 5.1 environment.
Is VM-FW installed on sphere 5.1 available?
Thanks.
reaper
on:
Tunnel Monitoring
reaper
on:
Global Protect need to ask for password all time we connect
reaper
on:
GlobalProtect Android version 13 issue
