Number of chassis

We've been using Minemeld hosted on AutoFocus and now I stood up a new instance based on the docker hub image paloaltonetworks/minemeld/latest. There is a difference in the "# of chassis" shown on the system dashboard - 2 for the AF hosted Minemeld a

SD-WAN internet link (DIA) monitoring

I have a PA-220 with dual ISPs (WiFi and LTE). I tried to configure SD-WAN for direct internet access (DIA). Both gateways (routers from both ISP) are localy connected via ethernet. As far as I know, SD-WAN pings the gateway IPs to calculated the lin

Problem with routing of NATted reply packets over IPSEC tunnel

I have an IPSEC tunnel to another organisation, they have two endpoints at the other end on addresses which conflict with our networks.  We can just focus on one to keep it simple.

• We have an IPSEC tunnel set up and passing traffic fine (tunnel.3 int

GlobalProtect SMB file transfer results in error for large files

We have some users that need to transfer large files on-preemies. When copying files shortly between 5-20% data transfer this error is thrown. Files are MultiGig in size. Small file around 100M that I tested did not show this error.  Copying to the s

Setup Azure MFA with Global Protect - NPS/ISE

I am building this new but don't have concrete steps to start with. What I understand until now is that we need NPS extension for MFA to work with Azure. We last year moved away from NPS as our radius server to Cisco ISE.  So do I have to figure out

User-id issue.

Hi All,

Firewall is 3050 with pan-os version 9.0.9-h1 we are using user-id agent as well as agentless for user-mapping.

Sometimes we are getting machine names instead for ip-address instead of source usernames.we have user-based security policy. Why d

Trouble with NAT and VPN

Hi there,

i want to finish an easy setup which needs a simple DNAT and forwarding into a VPN tunnel on my PA5020.

I've created a working VPN tunnel which is the destination for my traffic. And this works fine if i'm using the tunnel ip to reach targets

QoS and GlobalProtect

We have a use case where many users need to upload files on premises and these are very large video files to on-premises. We want to rate limit/control the organization bandwidth consumed by these users. What are our options. 

Also we use subinterface

Second Gateway and PPPoE

Hi all

I'm in trouble whit this scenario:

- Internet connection by PPPoE protocol with 1 static IP (ie 3.3.1.205)

- additional 8 public IP like: 3.3.3.0 to 3.3.3.7 with 3.3.3.1 as gateway

- Internet connection on ethernet1/1

- internal LAN on ethernet 1/8

IP Spoofing understanding

I'm planning to implement IP drop - under Zone protection on a production system.  I'm really only interested in the ' IP Spoofing ' aspect & I'd like to understand a little more on how it works so that I can addresses any issues, should they arise.

I can't open Support Cases.

I can't open Support Cases. 

Becauase single sign on error.

I cleared the browser cache and tried with other browsers too.

Other options work fine, but only the Support Cases is not open.

What should I do?

Not opening login page to login

I'm using GlobalProtect to connect to a customer.

Earlier a "web" page opened to type in my user name, now it's not happening anymore. It's trying to use my company login which is wrong, I have a account at the customer. 

My IT helpdesk, is telling me