Hi Experts,
we have a lot (I mean a LOT :-)) of non-syn-tcp traffic on our PA5220 cluster. The PA is in an enterprise company.
Are we sure that the non-syn-tcp means that there is an asymmetric flow? Let me give you an example:
1) Host A sends a SYN
...
Do i need to enable aho and dfa or not ?
Running 8.1.9 on PA 5220
debug dataplane fpga state
aho offload not ready
dfa offload setup
Use software only
Hi all,
I was wondering if it would be possible to have a report that on a daily base (with a monthly overview) would should me the average amount of concurrent sessions for that period, based on a specific virtual wire or interface.
I noticed that t
...
Hi all, where I work, we are having difficulty in getting the Wildix IP Phone Phonebook to work through our PaloAlto PA-220 firewall what we use for all SIP traffic. (Wildix is a make of IP phones we are using.)
I keep seeing dropped traffic like the
...
Hi,
I have the below topology
PA and ASA are in routed mode .
The first question is the design is valid?
I am facing a problem in this design
ASA says the secondary is failed ,primary asa says the secondary and dmz zone interface failed
Thanks
Dears,
When i log in my firewall it is showing the connection not secure.
For secure connection login, i have gone through these documents and try to configure a secure connection for web GUI access.
How To Configure A Certificate For Secure Web-GUI
...
Hi Experts,
We've Panorama in HA mode running on 8.1 and due to some reason, secondary is now active. Once the primary is back, with the preemptive checked, primary is still passive.
Can someone please assist why primary is still passive?
Note: pls
...
The issue is that when I connected to a server through Global Protect, I can't connect to another server.
I have to disconnect from Global Protect and then connect to the desired server. So basically he can connect to one server at a time.
However, wit
...
Good morning,
we have a PA-2020 with sw-version: 7.1.11
Can I update the software version to latest PAN OS?
We want to use SAML 2.0.
is there a way to achieve this?
kind regards,
Roland
warten mit Login admin / admin
show system environmentals
----Thermal...
We've been using Minemeld hosted on AutoFocus and now I stood up a new instance based on the docker hub image paloaltonetworks/minemeld/latest. There is a difference in the "# of chassis" shown on the system dashboard - 2 for the AF hosted Minemeld a
...
I have a PA-220 with dual ISPs (WiFi and LTE). I tried to configure SD-WAN for direct internet access (DIA). Both gateways (routers from both ISP) are localy connected via ethernet. As far as I know, SD-WAN pings the gateway IPs to calculated the lin
...
I have an IPSEC tunnel to another organisation, they have two endpoints at the other end on addresses which conflict with our networks. We can just focus on one to keep it simple.
Hi,
I have server 2016 with all patches and I use Robocopy to sync files to the backup server. RC kill smb "server service" several times per day, no event log. Windows 10 clients cant access shares.The only solution is to restart the server. Can e
...
We have some users that need to transfer large files on-preemies. When copying files shortly between 5-20% data transfer this error is thrown. Files are MultiGig in size. Small file around 100M that I tested did not show this error. Copying to the s
...
I am building this new but don't have concrete steps to start with. What I understand until now is that we need NPS extension for MFA to work with Azure. We last year moved away from NPS as our radius server to Cisco ISE. So do I have to figure out
...
BPry
on:
When logging into the community can I turn off the email a code?
BPry
on:
Cortex XDR: How to block execution of some unwanted apps
OtakarKlier
on:
Inquiries about PBF nexthop settings when the ISP is a DHCP Client
OtakarKlier
on:
Understanding URL Filtering security profiles vs Rule Action
OtakarKlier
on:
Qualys scanner blocked
OtakarKlier
on:
Split-tunnel not working properly
