PA VM
how to download PA VM for practice purpose.
how to download PA VM for practice purpose.
Hi, i'm observing in the fw logs massive requests from company dns servers to root servers (53 udp).These servers are generally named *.root-servers.net.I know that our Dns are configured to interrogate our provider DNS.Do i need to allow communication to root servers? How to securely address the policy rule as i cannot allow all dns query (to a...
Hi All, We are exploring the firewall deployment options for one of our customers who have a requirement to stretch few VLANs across 2 data centers most probably using VXLAN/EVPN. The options currently being explored are: 1. Active-Standby firewalls in each data center2. Active-Active firewall with one node in each data center Are there any de...
Where can I obtain official information from Palo Alto Networks regarding the SKU change from INTEDGE to CORESEC?
My company has a Satellite location with a different ISP. We are thinking about adding a Palo Alto PAN-PA-220 setup at the Satellite Location. Will this device be covered under our current Paloalto support coverage?
PA-5050 device with software version 4.1.6.In all my devices except one, I was able to create a new Administrator account (Superuser) with password and log on with the account to administer the device. The problem device allows me to create a new account like the others, but I get an "Invalid Username or password" error when I attempt to log on...
Hi team, We use a cybersecurity tool called Bitsight in order to discover vulnerabilities in our organization. This time the tool has found out some in our https://appvpn.xxxx.xxx subdomain which is a web portal to download the GlobalProtect client. The Bitsight finding in this case are related to the Content-Security-Policy header config...
Has anybody else experienced an issue with their DHCP server leases being constantly filled up with conflict IP's by one device? There is no pattern to which device will do this, it seems at random. I'm on version 11.1.6 Any guidance would be much apricated.
Currently working on a PA-540 running 12.1.3 code. I have setup a LDAP server profile, and setup an authentication profile. If I test from the cli, the bind is successful, but the authentication fails, even if I use the same credentials I used to do the bind. I've also tried this with a domain admin account in case it was a permissions issue ...
Hi, I have created a new vsys in a 5220 to have all the config that we have in a VM FW. Which is the best way to move all the FW VM config inside the new VSYS in 5220. Copy all the FW VM config and paste it in the template VSYS in panorama? Is there an way to do it by GUI?
Hi I am quite new to Palo Alto firewalls, but have worked with different vendors before. When running a HA in Active/passive a central VIP for mgmt is usually setup, so you dont connect to the passive FW.From what i see there is no VIP for mgmt in the HA setup i am working on here. Is that something that is setup wrong or ? We have a dns name ...
The problem is that after performing a Commit&Push, the primary (active) firewall generates a status change that affects the signaling of the Cisco Nexus switch ports, causing them to enter suspended mode on both switches in the VPC configuration. After the switch stops seeing the primary firewall, the primary firewall does not switch. Disco...
The followin theatID action is "Alert".Would you tell me the reason why action is default set to "Alert"?Would you tell me if there is policy for the default action? 30941316843197132351343213475736415391543990954465548015905585253866469016693719 Best Regards,Atsushi Takara
Hi, i would like to configure my VPN using MAuthenticator. Anyone has a guide for this? i was checking this link but im not sure if this config should be used if you have EntraID AD in the cloud or not: https://learn.microsoft.com/en-us/entra/identity/saas-apps/palo-alto-networks-globalprotect-tutorial We have AD in server onpremise.
I wanted to make sure I had the settings correct for configuring DHCPv6 on my WAN interface for Starlink. I can confirm that I did get an allocation of IPv6 addressing with a /56 prefix and was successfully able to get an IPv6 address assigned to my internal interface. The issue is, it appears I have not gotten an actual perm or temp address o...
| Subject | Likes |
|---|---|
| 4 Likes | |
| 2 Likes | |
| 2 Likes | |
| 1 Like | |
| 1 Like |
| User | Likes Count |
|---|---|
| 4 | |
| 3 | |
| 2 | |
| 2 | |
| 2 |

