palo alto firewall slow performance
We are Facing palo alto firewall slow performance issues.
We are Facing palo alto firewall slow performance issues.
Hello, We have several of our users that are using well-known Creative Cloud client to download/manage/update/upload/assess/enhance/whatever their wonderfull Adobe softwares (Aftereffect, DreamWeaver, ...) We have a PA with application-based policies. We deny all traffic that rely on "ms-update" application by default (because we have WSUS in pl...
Hi All, i would like to know the ETA of the PAN-OS 11.2.8 as per last PA TAC mention that the 11.2.8 tentative release date of june 25 but so far no info of the release yet this is to fix for GUI display issue with SAML SLO url. thank you
Hello all, I currently have a PA440 and I have 2 isp's, ATT and comcast which will be our backup and it's my 1st time setting this up, we are a small business of about 80 users, I already followed how to configure dual isp redundancy on the links provided here, but can't seem to get the right direction on how to get dns to work once the failover...
Hi all, I am looking to move an existing AE1 interface which operates as an single OSPF transit to another AE3 port with other sub interfaces also configured. What changes should be completed and considered when doing this to retain network connectivity? Existing port New port I have amended the virtual router to use the new AE3.3501 int...
Hi All, Our current PA-820 support is due to expire in October, so I requested a renewal quote, and our vendor is stating that paloalto is declining to extend support. Has anyone had similar feedback from resellers and or paloalto regarding their non-EoL PA device who's support is due to expire (in approximately two months time)? According to pa...
Anyone hit the same issue before? 2025-08-16 20:35:38.768 +0800 debug: pan_auth_cache_get_authprof_info(pan_auth_cache_authprof_n_authseqprof.c:218): prof "KRB-SSO", vsys "vsys1" (method: Kerberos pre-auth) has sso hash table id: 1 (0 means no or invalid keytab) 2025-08-16 20:35:38.789 +0800 debug: pan_auth_request_process(pan_auth_state_engine....
Hello Everyone I am looking for suggestions on how we could protect our GlobalProtect VPN. We have been seeing people trying to perform brute-force attacks on random user accounts daily. We do have MFA set up, but is there any automation we could implement with Palo Alto Firewall to automatically block IP addresses after a certain number of fa...
Troubleshooting a routing issue I've just discovered that the local preference isn't used for forwarding decisions when ECMP is enabled. Has anyone seen this before? I'm about to log a support case, but I thought I'd ask here in tandem. What I see is that the inbound route map sets the local-preference, and ECMP then ignores this and uses all re...
Hello, Is there a Palo Alto expert who can help explain an issue we are facing? At times, we experience internet slowness on our firewalls (not always on the same unit). When this happens, we check resources, CPU, and interfaces, and everything appears normal. However, once we reboot the firewall, performance immediately returns to normal.
Can you provide the implications of not renewing the subscription of PANO and NGFWs.What do we lose access to, services, updates, support..?
Hello, I am being asked a lot about why is Anydesk getting a "decrypt-error" end reason when SSL Decryption is active.Here is a simple explanation and how to overcome this. What you usually going to do with this kind of errors is creating a Decryption bypass rule for Anydesk (in this example)Since is it impossible to bypass based on application,...
Does anyone know exactly what is needed for browser to either select or prompt for client certificae when connecting to GP portal?I know you need a client sert in personal user store and certificate profile on GP portal. But still i find the behaviour very random.I have 3 GP portals with self signed CA. And a few test machines.For 1st portal get...
We're having an issue with GP where all other clients (Windows, Linux, MacOS, iOS) are able to connect with the exception of android devices. Users authentication successfully, get the MFA prompt from DUO, and then get this error: The network connection is unavailable or the gateway is unresponsive. Check the network connection and reconnect. ...
For beginners, what is the best course to start with?
| Subject | Likes |
|---|---|
| 4 Likes | |
| 3 Likes | |
| 2 Likes | |
| 2 Likes | |
| 1 Like |
| User | Likes Count |
|---|---|
| 7 | |
| 5 | |
| 3 | |
| 3 | |
| 2 |

