Dropped traffic - no log

Hey,

Setup:

LAN network on interface eth1/2, security device on interface eth1/3 and vpn on interface tunnel.1.

Zone L3-LAN contains eth1/2

Zone L3-VPN contains eth1/3 and tunnel.1

Traffic flow:

A client in the LAN sends a packet to a device behind the VPN

Firewall Statistics Report

We are looking at upgrading our firewalls from the PA-500 to the PA-3050s. The company I work for is growing fairly rapidly and it's looking good that the company will continue to grow. In order to get the funding for these firewalls we need to prove

Unauthorized SSH access through port 22

Hello

I have a rule that permit traffic from "untrust" to some servers in "DMZ" but only for applicacions FTP, SSL and web-browsing, the problem is someone has gained access through SSH using the tcp 22. Shouldn't the PaloAlto has block this kind of t

URL Filtering in Vwire SSL Trust Question

Hi,

I have a customer who is currently only running the PA in vwire. They need to have custom URL filtering continue and override pages.

My question is what needs to be done to have the end users browsers trust the certificate in vwire?

I know in layer

Changing communication port

Dear All,

Hope you are doing well.

I want to access the PaloAlto web portal from the internet. if I type the public IP it will be connected but i want to put a port number that only my team know it and for more security.

Ex: 10.10.10.10 :44443

or is ther

GlobalProtect and Proxy

We are running 5.0.8 on a 5020 with GlobalProtect 1.2.7. I
am just setting up GP (single gateway version) and am running into an issue
with proxy. Our laptops have a variety of proxy settings depending on the OU
they are in. The automatic configuration

API call to clone multiple URL Filtering categories

Hi,

I am trying to clone 2 URL Filtering Profiles "testProfile1" and "testProfile2" into "testProfile1-1" and "testProfile2-1" using the following REST API call.

https://HOST_IP_ADDRESS/api/?key=LUFRPT1mQUJoTjh4S05rbkpBcWtLb2pZRERJekJTcDA9U2F1cU8ybzFza

PA-200 with DHCP assigned Internet IP and GlobalProtect using self signed certs

Hello everyone, trying to find a how-to or config guide on how to configure PA-200 that has 2 interfaces configured, eth1/1 and eth1/2 runnin PANOS v5.0.8, downloaded and activated 1.2.7 GP client on the PA-200.

eth1/1 is in untrust zone and setup wi

VM-100 L3 subinterface responding issue

Hello All,

almost a year I have production VM-100 deployed on 5.1 ESXi infrastructure. One interface is divided to 2 subinterfaces and configured like L3 with one virtual router. Policies was deployed and everything working fine until users complain t