Migrate from ASA 5505 to a PA 3020

Any one know the best what to migrate this configuration from a Cisco ASA 5505 to a PA 3020 here it show run information for the interfaces from the ASA 5505

interface Ethernet0/0

switchport access
vlan 900

!

interface Ethernet0/1

   switchport access
vl

Problem with chained Cert

Hello

I made a CSR. Got my Cert and did the stuff mentioned in the "how to chained certificate", Copied the intermediate on top of my cert.

but the PA-500 did not accept it. okey i tried it without the intermediate cert text - and it worked. Request is

What do WRED drops and Policing drop on qos mean?

Hello

I have made qos configuration.

I have questions when am checking qos.

Look at the following command

show qos interface ethernet1/1 hw-counter

qid   name                 pass bytes       WRED drop   policing drop

------------------------------------

If we configure Dynamic IP address pools to reserve IP addresses, is there any logging of NAT events?

I have been researching Dynamic IP NAT, and have found the option to configure Dynamic IP address pools to reserve IP addresses for translation. Taken from "Understanding and Configuring NAT Tech Note":

Reserving IP Addresses

Dynamic-IP address pools c

IPSEC VPN phase 1 renegotiation

Hello

I am facing packet drops whenever the phase 1 re-negotiates. The SA gets expired and deleted but it takes 20 minutes for it to start the P1 phase again. In that period the traffic times out until the P1 starts again after 20 minutes. Below are t

Pre-Logon without Windows credentials

Hello,

I want to test the pre-logon feature of GlobalProtect in our environment.

Our clients are using two factor authentication (eToken) for the windows login. So they don't know their windows credentials.

We have already installed machine certificates

Basic QoS Understanding

So, I'm trying to get a clear understanding of QoS on the PA's.  Any feedback / answers would be appreciated:

Maximum Egress - Straight forward - the maximum amount of traffic you are allowing out.

Guaranteed Egress - This one I'm foggy on.  Is it only

Slow transferspeed over IPSec against ASA5510

One of our customer has a Cisco ASA 5510.

We have successfully created a IPSec tunnel and traffic flows both ways, but when trying to transfer a file, the speed caps at ~300KB/s, every 4-5 packets is dropped and the latency goes from ~3ms to 90ms.

Both

User ip mapping with only Global Protect

Hi all,

i have a question regarding user ip mapping when only using Global Protect to authenticate users.

Without enabling any user-id agent. Neither external on a server, neither on the firewall.

It works as Global Protect identifies the logged-on user

How to reset webserver access.log?

Hello,

I have out of space on the root partition (PA5020, 4.06). How should i delete webserver access.log?

Regards

MJ