Resolved! Any way to disable split tunnelling for my vpn clients ?
Hi all,Just wanna know if there is an issue to disable split tunneling for my vpn clients. I want that ALL the traffic goes through the vpn tunnel, and nowhere else.Regards,Karl
Hi all,Just wanna know if there is an issue to disable split tunneling for my vpn clients. I want that ALL the traffic goes through the vpn tunnel, and nowhere else.Regards,Karl
I recently purchased a firewall with a 1 year support contract. I received it three months ago and haven't had time to deal with it. When is the official start date of my support contract? Do I have a certain amount of time to register the box before it's invalid? I know if I register and activate the box the support contract starts immediately ...
I was starting to setup an active/passive system and once the HA was enabled, I lost connection to and from the internet. I found it was an ARP cache on my router. Now if my PA's failover the outside IP will startup and issue a new MAC for that IP and re-arp on router? I was looking at my arp cache timeouts, I though I might have to tweek thi...
I have user id agent 4.1.6-5 on PAN OS 5.0.1.Is it possible to tell the agent to ignore certain IP addresses, I know how to do with the users by using the ignore list text file.
I recently upgraded to PAN 5.0.1. I am now receiving the following alert - Clearing snmpd.log due to log overflow. I have been trying to get more information on this alert but have been unsuccessful. I am concerned with what the log overflow is referring to. Do I need to tweak my default configuration for log retention in the 5.X code. Is th...
Does someone know if it is possible to spoof/change the mac-addresses from a VM PAN 100? Our ESXI Vendor won't enable Promiscuous Mode, so we don't have data through our Ethernet ports. I guess maybe, when I can spoof the MAC address, it might be working.
Does anyone know if the maximum permitted UDP packet size follow the MTU setting? or is there a specific setting for this?I need to understand if the PA automatically allows UDP packet sizes over 512 bytesThanksRod
Running an 2050 Active Passive HA pair.Yesterday I noticed that I couldn't login with the Globalprotect client. After some investigation I noticed that I could log in on the Globalprotect Portal web page, but after the login the page which offers the client downloads would not show up and the connection was reset after a timeout of ~30 seconds.I...
Hi,Can anyone please help me with ospf issue iam facing.I have attached the OSPF config of Palo Alto and downstream SRX 100 devices.Iam unable to get the OSPF routes in Palo alto device. ThanksRaju
Hi There,I am struggling to generate the CSR for a self generated certificate on a Palo firewall (this is the first time I am doing it). I did look into all the documents in the knowledge base and they seemed to be very confusing. I have generated two certificates (one for captive portal and the second for SSL-VPN) using the Palo's Generate op...
rIs Palo Alto able to search for an entire protocol group?for example i can search for bittorrent, emule, etc... BUT can I search for any protocol that falls under the file sharing group?networking > encrypted-tunnelnetworking > remote-accessnetworking > proxyetc....
Hi,In Cisco ACLs, they have the option of adding rules like "access-list OUTSIDE extended permit icmp any any source-quench". Does Palo Alto have a way of distinquishing ICMP message types? I've tried looking in the application library, and ICMP shows up as an App (just like ping does) not nothing about Source-Quench, Time-Exceeded, Unreachable,...
Hello togheter,few days ago we started to forwarding our logs from our PAs (located world wide) to Panorama.I really like the Threat Map under the App Scope Monitor tab.Do you know, if its possible to configuried it so, to have an overview of all PAs ww? Because actually i see the Panorama device only....THX
What is the benefit of Panorama templates?It seems like when creating a template and pushing it out to a device, it doesn't warn you when you are overwriting device configuration. For example, I have a layer 3 interface 1/10 and my template has interface 1/10 for tap. When pushing the template out, it overwrites the layer 3 interface without a w...
I can see the userid's in the agent running but they are not showing up on my logs
| Subject | Likes |
|---|---|
| 4 Likes | |
| 3 Likes | |
| 2 Likes | |
| 2 Likes | |
| 1 Like |
| User | Likes Count |
|---|---|
| 7 | |
| 5 | |
| 3 | |
| 3 | |
| 3 |

