The source port was natted to multiple source ports while the packets leaving the FW

Hello everyone

The NAT type we are using is "Dynamic IP and Port", the Palo Alto Networks firewall translates the source IP address or range to a single IP address.

for this conversion, when the packets arriving the FW, we can see the source port is

log forwarding to CDL is generating high traffic volume

Dear community!

We are sending logs to cortex data lake and we noticed high traffic volume for the sessions concerning log forwarding, with peaks up to 200GB of data sent. 

Do you know if this volume of traffic can be normal?

Also, is there any docume

VPN Site-to-Site FQDN peer ( Dyndns )

VPN Site-to-Site FQDN peer ( Dyndns )

Good afternoon, I am trying to set up a site to Site VPN using as PEER FQDN  myvpnsite2.dynalias.net ( DynDNS ).

Should I also use the Local and Peer identification parameters and settings or it is not necessary?

A

SIP Traffic - End Reason Resources Unavailable

VPN Site-to-Site and Global Protect - DynDNS IP WAN DHCP

Hello, good afternoon everyone, I hope you are very well.

I have a couple of questions, I hope you can clarify and help me.

1.- Is it feasible to create a Site-to-Site tunnel between two sites with DYNAMIC IP ? Example using DYNDNS, in both sites, is

DynDNS Certificate

Good afternoon, I am trying to configure DynDNS on the Palo Alto machine.

In the steps it talks about using a certification profile, and in the Palo Alto instructions, it talks about importing the SSL certificate from the DDNS provider. My question is

Redundancy VPN between two sites with two ISP

HELLO ALL

We have two PA devices.(850 and 500).They are located in different sites.Both firewalls have two connections to Internet via 2 different ISPs

We want to make Site to Site VPN between these sites.But make it redundant.Two VPN connections betwe

Instagram allowed in the security policy, but the pictures are not displayed correctly on the website

Dear Palo Alto Community Members,

I'm tiring to set up a security policy based on app-ID allowing Instagram but blocking Facebook.

Unfortunately, I can't get it to work, and I'm not sure what I might be missing here.

The security policy allows all the

Re:Software License

Hi,

Can anyone enlighten me what is the use of the Software license in Palo Alto NGFW and what will be the impact on the firewall, If that license expires.

how to adjust interface metric in ospf to define desired route ?

I have to two virtual routers 

VR_1 - e1/1 - is connected to wan 1, e1/3 - is connected to internal network, e1/4 is connected to a switch so, VR_1 has e1/1,1/3,1/4 and I want the primary ospf route to be from e1/4. what changes should I make to do s