Hi,
we're running into an issue with IPv6 NPTv6 which we use to route traffic through IPS on PA.
The address isn't translated as expected.
We tried NPTv6 in 2 configurations, both translate the same. We either used:
xxxx:xxxx:xxxx:ffe0::/60 -> xxxx:xxxx:
...
Hello To All,
I will create a short summary about how to do basic checks if the palo alto drops or slows down the traffic.
1. First the pcap capture on the drop stage will show if the firewall drops the traffic and after that we check why the firew
...
1. What is the interval for HIP reports that the GP client sends to the gateway?
2. Is it configurable?
3. What triggers HIP report sending?
Hello All,
Just wanted to post this in case anyone else ran into it. Microsoft release patches as they normally do, however there is one that might break user-id, June 8, 2021—KB5003671 (Monthly Rollup). There is a warning in the notes:
After inst
...
We have new requirements to require MFA for administrative access to just about everything and have to put into place in very short order.
“In addition to remote access, multi-factor authentication is required for the following, including such access
...
Hello.
so slowly but surely I'm upgrading a large number of palo alto's from versions 7.1.x to eventualy version 8.1.6( or higher)
In my palo alto training. and from some upgrades done before of pavm100 specifically. I always loved the fact that you c
...
Looking for some help on split tunneling.
We are on PAN os 9.1.9 GP client 5.26, for our LAN we also use Cisco Umbrella to block sites.
What I want to do is when GlobalProtect connects I want all LAN traffic going through the VPN traffic, and all Inter
...
Dear Team,
Our Core firewall Data plane CPU reaching to 99% , When we checking the traffic logs some MS-SQL application getting high usage, and system logs are showing "dataplane under severe load palo alto".
Pan os : 8.1.15-h3 ,Device : PA 5050.
Ki
...
Has someone seen an issue where the PanGPS log is saying "network type is unknown network" before failing to send the HIP report every hour?
For info we don't use or have enabled Internal Host Detection as there no internal gateways and I see that t
...
I’m very new to Palo Alto and testing things out on a home virtual lab on local computer. I’m trying to configure IPSec vpn between 2 sites using certificates. My problem is that when I export the certificate from PA-1, I cannot import it to PA-2 b
...
In palo alto like any some things are fixed with an restart.
1. If the managment plane in the masterd log (for more about the Palo Alto logs and their meaning you can check https://live.paloaltonetworks.com/t5/general-topics/knowledge-sharing-palo-al
...
Hello,
Our Virtualization team Storage vmotioned all the VMs on a specific host and that included VM-Series Firewalls for NSX as well.
Resulting that the firewalls pass 0 kbps of throughput and dropping all the packets. We were able to identify this
...
PanOS 7.0.1
Tested with Google Chrome and Firefox v56
When trying to export a certificate from Device tab --> Certificate Management --> Certificates, no matter which export format I choose, nor which certificate I choose, nothing happens. Browser w
...
Hi
Any help greatly appreciated.
I have 4 internal IPs w x y and z that need to route out on one of my external IPs (1.2.3.4). And then I need the ingress traffic on 1.2.3.4 to be routed to w x y and z based on the incoming port number. I am also
...
Hi folks/.
I have a situaiton that is doing my head in, and I need some help.
I have an installation which looks like this
"A" end - Palo Alto Active/Passive cluster, public IP for IPSec VPN termination
"B" End - Juniper SRX cluster, Active/Active wi
...
aleksandar.asta
aleksandar.asta
BPry
on:
how to block facebook and instagram on mobile
