Did you know that you can help your fellow community members by accepting solutions when a reply answers your question Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature
...
Hi expert,
I would like to allow just mail-server strict to the URL with service SMTP only it can use the URL-category ? or URL-filtering without the service such as HTTP,https,http-proxy
Thank you
Hi Guys,
I want to create the DOS profile for critical servers. I read that I can use classified type so connection count toward only one IP address.
My question is can I add multiple servers IPs in same DOS Rule or I need to create multiple DOS rules
I have an existing LAN with two data centers. The firewalls at each are not in a cluster, and have different internal/external connections and tunnels, so changing to active/active it not possible. They each have separate DMZ's right now.
We need to b
In case you missed it, the LIVEcommunity team has just introduced the LIVEcommunity Cyber Elite program.
What is the Cyber Elite program you ask?
This is a program that we have helped create to recognize the Expert members of the LIVEcommunity.
...
We are standing up some new PA firewalls and have been testing with some HL7 servers. Testing has been going well until recently where "unknown-tcp" traffic gets denied. It seems that it only happens when the transfer of a specific file/message is
...
If I put a hard disk from a PAN3220 that failed, in a new PAN3220, what impact does the license have or is it only linked to the serial number of the Firewall
Hi,
I am looking to block the RFC 1918 blocks coming from internet to our LAN zone. So, Policy will be Source zone: Public , IP: RFC1918 blocks, Destination zone: LAN, IP : any .
Can you guys please confirm that creating this policy will fulfill my re
One question that comes in my mind, can we use fallback URL or IP in Global Protect client? Like in Cisco AnyConnect, if the primary VPN Server or internet source is down then client connect with the secondary internet source automatically.
Hello,
My FW is behind ALB, so I want to see original Src IP.
I enabled "use x-forwarded-for header in user-id" setting and user-id on the zone.
But there is no info on source user column in traffic log.
I can see the information in url filtering logs
...
I have a customer case where they have enabled QoS for layer 2 interface. There is a Qos rule in place for classifying multicast traffic as class 3.multicast traffic from zone LAN is hitting the right QoS policy and from the session details, I have v
...
Most of our FWs are multi-vsys. Our stacks basically consist of one template - the entire FW config. Now we are trying to create more global templates that we can apply to multiple Template Stacks. But when creating a new template configs, the co
...
Hello
Im doing some tests on PA-220 test unit.
Some story - im using windows 10 with installed debian on WSL.
I've installed apache2 and doing some IP pulls from internet and then hosting it on:
192.168.7.131/steamip2.html
I can access this from my intern
Hey Guys,
I am trying to setup minemeld in Kubernetes cluster and path "/mnt/nfs_share/minemeld-local" and "/mnt/nfs_share/minemeld-logs" on NFS server. Below are the yaml file.. I am getting "Operation not permitted" error
Can someone help ???
...
Got a new broadband and if i try to connect VPN using globalprotect, Internet is getting disconnected and im not able to browse anything. If VPN is doconnected , Internet is working fine without any issues
Hello -
Has anyone seen or created, that they'd like to share, just a general checklist of information to collect and steps to do a new install?
OtakarKlier
on:
RFC1006 protocol over TCP
OtakarKlier
on:
Windows update URLs with IP addresses show up as unknown
OtakarKlier
on:
Panorama Upgrade
OtakarKlier
on:
Layer 3 between 2 buildings
OtakarKlier
on:
URL Category rule works on some firewalls but not others
OtakarKlier
on:
CPE for the Conferences or Summits
