Dual ISP with VPN

I'm working on configuring a branch office firewall with two ISPs and Site-to-Site VPN to our data center.  The data center side has only 1 ISP connection

I'm reviewing this article again, as I've used it in the past.

https://live.paloaltonetworks.com

DoS policy notify

Hi,

We have configured a DoS policy in order to limit the connections to several internal services.

So when we launch a test in order to check that the connections are being limit we dont see any logs or event reporting it.

But looking in policy statis

Comcast internet VPN disconnects

My company has not transitioned to GPCS yet and currently still uses Cisco AnyConnect. We have 10K+ remote users and 5weeks ago about 100+ users started getting random disconnects and they are all Comcast users with XB3 type modem. I wanted to ask th

SSL Decrypt Opt Out Page applied selectively

Hi all,

Currently we use the SSL Decrypt Opt Out response page for the SSL Forward Proxy which works great warning staff of inspection.

However I would apply SSL-Inbound-Inspection to our public web servers for Threat Prevention. Unfortunately it app

BGP Advertising prefix to same AS it was learned from.

I'm working on a VRF-centric DC model that utilizes a PA as the firewall platform between VRFs. One of the snags I'm hitting is that if a route is learned from R1 on an AS (say 65001), and is advertised via eBGP to the PA (AS 65002), the PA won't eve