sizing firewall

Hi,

I am looking for a firewall  for 3000 users, 

and 500  vdi  access 

expecting approximately igb  internet traffic 

Please help to size,

Ho much throughput I needed 

Thanks 

Threat log issue

May I know why no file name display in threat log which action is alert.

Please see attached the photo.?

Validation Error after upgrading to 10.2.3-H4

Recently upgraded my PA-5220 to version 10.2.3-H2 from version 9.*, (took me 5 version upgrades to get into the 10.2.3-H2). Which now is causing some commit issues. The issue is a Validation Error as follows:

vsys>vsys1>service-group>DM_INLINE_SERVIC

Server Monitoring of User-ID agent set-up shows Authentication failed /Connection refused error

We have over 80+ firewalls in our environment, all of them of version 10.1.6.-h6 , we are using Kerberos profile in the user-id agent set-up and every server monitor status seems connected. Except for the firewall which is with PAN-OS version 10.2.3.

Does Global Protect Agent downgrade automatically on transparent mode?

Hello,

I have issue about Global Protect.

So I want to downgrade Global Protect Agent.

Does Global Protect Agent downgrade automatically on transparent mode?

I have tested result for one PC what doesn't downgrade automatically, right?

Thanks

Failover but Cannot access WebGUI

Hi All,

I tried to upgrade the Palo firewall HA (Active-Passive). But when I failover active to passive, we cannot access the GUI on both firewall. Before I failover, I check the passive cannot reach to updates.paloaltonetworks.com. 

After I fail

PA-220 console is blank

I received a PA-220 to set up at work. When connected to the console (USB-C cable), I'm only seeing a blank screen. I'm using 9600 speed and 8-N-1 but nothing shows up.Even if I reboot the device, nothing appears while it is booting up.

Cortex geolocation ip error

Hi team,

Cortex is erroneously geolocating IP addresses, although the FW itself locates them correctly.

Can anyone help us how to proceed?

Regards

Global Protect Hip check doubt

Hello,

We are implementing HIP for our company, the case is that we already have several HIP objects and profiles working properly.

My question is, if we have identified a machine that does not pass the hip check as we want, is it possible that the v

User mapping - IdleTimout and MaxTimeout architecture with GlobalProtect only (no User ID agents)

We have a setup for up to 2.000 employees. Every employee has the GlobalProtect installed, but we are not using any User ID agent.

We have only one portal configured, for both internal and external (vpn) connections.

• On both gateways (internal and exte