This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

High Availability with Virtual Wires?

Hi,

I've been looking everywhere and I can only find information on virtual wires being used for path-monitoring in HA. What I'm looking for is if when in HA, do the virtual wires fail over? If they do fail over is there a best practices document det

...

nugentec by L1 Bithead
  • 13450 Views
  • 9 replies
  • 0 Likes

HA path monitoring in virtual wire

I've seen a couple answers here about using Path Monitoring in Virtual Wire. They say that one must use an IP address within the Virtual Wire subnet as the source address. OK, I get that. What I don't get is how to configure such an address. I don't

...

gmparis by Not applicable
  • 12879 Views
  • 22 replies
  • 0 Likes

Resolved! licensing VPN clients

hi!

I would need some help understanding the PAN licensing model fo VPN clients. we are planning a new deployment and would like to offer our clients (Windows and iOS based) the possibility to access corporate resources. since only a very basic functi

...

santonic by L6 Presenter
  • 3949 Views
  • 4 replies
  • 0 Likes

Resolved! Do I configure proxy-id in ipsec-vpn certainly?

Hello all,

What is proxy-id in ipsec-vpn configuration??

Why does it need??

I will use ipsec-vpn on PA-2020 & PA-500.

Each devices have 15 proxy-id(remote-networks).

I know one tunnel interface has 10 proxy-ids.

So I have tested without proxy-id that traff

...

PA 5050 Admin Account Rename/Deletion

Hi All

I am using one PA 5050 firewall and all is working fine. Just want to know if I can rename or delete the Admin (Default) account in the box. This account is default account and is there any limitation if we delete it or rename it. If  I delete

...

itsecll by L1 Bithead
  • 2966 Views
  • 2 replies
  • 1 Likes

Resolved! What did I miss? Cross-zone/vpn traffic

New PA200 installed and working on getting it setup. Aside from a 2wk demo, I have little experience with PAN.

I've got a Site-To-Site VPN configured to an ASA5505 at another of our offices.

I have one zone setup for a Wifi network. (Called Wifi) IP sp

...

Nathan.S by L3 Networker
  • 8113 Views
  • 18 replies
  • 0 Likes

HA-system separated with two datacenters

Man have two datacenters and there are about 15-20km between them. The datacenters are connected by dark fiber with 1Gb bandwidth, is it possible to make HA-system to this setup? I mean so, that one of the PA-unit is in the primary datacenter and ano

...

GP and Multiple Gateways

I get from the documentation that GP client can automatically detect the best GP Gateway to connect to via response times.

Does anyone know the exact process the GP client uses to connect to a deployment with multiple gateways.

In this case we have on

...

msamoska by L1 Bithead
  • 3530 Views
  • 3 replies
  • 0 Likes

Resolved! NAt problem with paloalto

Hi,

i have 3 zone trust untrust and dmz

dmz:91.239.204.0/24

trust:10.0.0.0/8

untrust: anything 

when i try to nat from untrust to trust 91.239.204.22--->10.1.1.34 packet goes to dmz interface...i think problem is nat before routing or routing before nat

...

lildeniz by L3 Networker
  • 2809 Views
  • 2 replies
  • 0 Likes

Resolved! Looking for GPClient for Android

Palo Alto Networks Announces GlobalProtect For Android™ Mobile OS

According to above press release, it is available now, though I can't find it.

It says "GlobalProtect for Android is currently available for download from Google Play™. ".


Could somebody

...

emr_1 by L5 Sessionator
  • 3560 Views
  • 6 replies
  • 0 Likes

packets dropped because of failure in tcp reassembly

Hello all,

Here is network diagram as below

Juniper FW(Branch)

    |

Internet

    |

PalAlto (HA A-P)

    |

BackBone - Juniper FW

My customer use IPSec VPN between both Juniper FWs.

PaloAlto active device changed from #1 device to #2 device at last week(Link Fa

...

  • 23591 Posts
  • 103 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks