Dear paloatonetwork live community I have the following question related the above topic
I have a Layer3 interface on the firewall that is connected to a zone that hosts multiple subnets spread across the remote sites. I would like the firewall to block the intra-zone traffic in this. To do this, I will need to give the Firewall IP as th
...
Hi Gang,
We need to update our log forwarding to now include Syslog. Previously they were only uploading to Panorama. It was also previously shared but we will need to make it device group specific now as we have local syslog servers for local sites.
...
There are many articles, guides, and resources available across various Palo Alto Networks properties to guide users on how to best protect their organizations from ransomware. After spending some time to find many of them, I thought I would share wi
...
To begin with I know the document Configuring IPSec VPN between overlapping networks.
Due to my lack of experience still I am not able to understand how I should create the NAT rules.
My objective is to configure the IPSec tunnel only on "my" side - on
...
HEllo,
I am using 5220 series firewall in 2 different DC. versions 9.0.9 and 9.1.6. When I commit on both firewalls, I get a custom_update error. After check now the dynamic updates, I commit again and the problem goes away.
Any suggestion,
Thank you K
Hi All,
i'm trying to configure a SAML authentication for captive portal but when i'm trying to export metadata and selecting captivel portal i'm not able to export, it shows no option:
if I try to type an address and click ok the file generated contai
...
Dear all,
a potential FTTH provider requires a special option for the dhcp client in order to work.
CISCO setting like:
ip dhcp client class-id 100008,0001,Cisco,e02f.6d21.xxxx,15.3(1)T,FCZXXXXXXXX
Is there any change to set the dhcp class-id for the dhc
...
Temporary we want to disable test GP setup. Found below options :
* Create deny rule for GP public ip.
or
* remove fqdn/ip of external gateway from GP Portal > Agent
or
Disable Tunnel mode , GP gateway > Agent > Tunnel Settings > Tunnel Mode
Is there any
...
I have a 5220 that I am using as core L3 segmentation router for my 500 user environment. Currently running 9.1.3 Pan-OS and What version of PAN-OS is recommended for this scenario. Is it generally advised to install the latest version posted on dev
...
Can PA-220 Handle 3000+ users for UserID Mapping and User ID Group Map. Wanting to understand the capacity and efficiency sine we have remote sites which have the PA-220 and need group specific policy for the company divestiture.
Opened a S2 (high) ticket at 11am ET this morning about panorama in High Availability in suspended mode after upgrading from 9.1.9 to 9.1.10. No response from TAC support after two hours. I called in and have been waiting for over an hour with no o
...
My organization is in the process of moving from one VPN solution to GlobalProtect. We are seeing several applications being unable to run certain features, or run successfully at all, and the error logs appear similar to this (I say similar because
...
Can we specify session, session timeout i.e. Keepalive timer for particular source or destination ip in Palo Alto?
In the WebGUI, we will find these settings at Device > Setup > Session, But this settings will be applicable for global setting.
I fou
...
Hello,
I need know how to allow create policy in PA firewall 3020 and add destination as URL name as (microsoft office 365) instead of adding all IP ranges.
Appreciate your help
Thanks
TomYoung
on:
SSL Inspection and SSL Labs
BPry
on:
MOST COMMON ERROR MESSAGES
TomYoung
on:
file blocking profile not working for SFTP
| User | Likes Count |
|---|---|
| 12 | |
| 11 | |
| 7 | |
| 7 | |
| 6 |
