Did you know that you can help your fellow community members by accepting solutions when a reply answers your question Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature
...
Hi,
Is it possible to have 2 static bi-directional NAT rules configured for the same public IP address e.g. mapping one public IP address to 2 internal servers using the below linked config?
https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/n
...
Has anyone successfully gotten Minemeld to work when the PAN is in FIPS mode? Getting an error when following the steps listed in a previous article. "Import of GoDaddy2 failed. Unsupported digest or keys used in FIPS-CC mode"
https://live.paloalt
...
I have an external Gateway and I wish to setup always-on except when on local LAN. As a test i am doing this on my own username but it seems to always want to connect to external GW regardless of my settings.
I have turned on Internal Host detection
...
Hello,
Hi All,
Wanted to know the Best Practice for the User-Mapping with Server Monitoring, we have a few Firewall Sites which utilize the server monitoring feature whereas the vast majority others do not and use only windows User-ID agents for probing and
...
Your firewalls are generally okay.
But, the fact that you cannot get an interface bandwidth graph without configuring some QoS hack to only show an ingress interface traffic graph is stupid.
Every firewall vendor in the world has this feature. Except y
Hi,
I have an issue where a Static route that is being path monitored and redistributed into BGP, is not removed from the BGP RIB out table when the monitored path is unreachable. The static route is still populated in the Palo Alto BGP rib out table
...
Hey guys hope you doing well I got a question I get a challenge one of my user getting traffic logs of NetBIOS by source Pvt IP from LAN to WAN the device from the source side is down the 2 Pvt IP still hitting the cleanup rule. The Policy is denied
...
im having big problem , after my remote vpn connects i cannot reach my internal network even though my core switch is directly connected to palo alto , i checked i set the access range for the vpn for 0.0.0.0/0 and i set a security rule from vpn zone
...
Hi Experts,
We've a pair of firewalls (9.1.6) managed by the Panorama (9.1.6). We've Threat prevention license in place and client would like to install just the threats and not the apps by selecting disable the new apps in content update.
As recommen
...
Opened a S2 TAC case @7pm ET 07/21/2021. The SLA response time is 2 hours. TAC didn't get back to me until 5:43am ET 07/22/2021. The response from TAC is very vanilla, not helpful at all.
Call back to TAC this morning has been waiting for an hour
...
Hello All,
Doing an destination Nat but getting below Error. Could anyone please help me. Also pls find below my nat rule
Please note : Ethernet 1/1 is my Outside Interface
Has anyone had an issue where a tunnel is configured with multiple proxy-id's for a policy-based peer, but a working security association is formed for only one of them?
I have a number of ASA 5505s that need to connect to my new Palo Altos from remo
...
Hello Palo Alto Team,
I would like to bring this up with you.
I noticed that your support page went down today 7/22/2021 and that is fine. What worries me is the way your system handles exception. I think you are exposing to much that end user like m
...
Hi All,
We have received an request to disable the drop of packets due to bad checksum. I had the following questions on this:
Q1: Can i see in the traffic logs if any connections are dropped due to bad checksum.
Q2: This can be done by enterin
...
PavelK
on:
Clarification which update to use for CVE-2023-38802 (VM-100)
OtakarKlier
on:
How to configure ipsec vpn
