General Topics
cancel
Showing results for 
Search instead for 
Did you mean: 
General Topics

Forum Posts

Resolved! GlobalProtect, Working from Home, Prisma Access and Covid-19

To all, Just wanted to post a message about the Hot Topic right now, which is Covid-19. With all of this going around, everybody's health and safely is the utmost concern. Keeping your hands clean, washing your hands (A LOT), using hand sanitizers, a...

jdelio by Community Team Member
  • 18340 Views
  • 41 replies
  • 32 Likes

Resolved! nat before vpn tunnel use case question

Hello I am looking to understand if what I am trying to accomplish will work. Given a PAN connecting to an ASA using a L2L IPSec VPN Tunnel to access two distinct ip addresses behind the ASA. Now these IP Addresses are duplicated on the LAN the PAN c...

Tsquared by L0 Member
  • 1121 Views
  • 4 replies
  • 0 Likes

Resolved! Not synched

My HA pair don't show synched and when I do a manual synched it say it completed successfully but the GUI show otherwise

HA.PNG
jdprovine by L4 Transporter
  • 1718 Views
  • 9 replies
  • 0 Likes

Resolved! pa200 two interfaces in same zone

hi everyone, we have a pa200 with three L3 interfaces currently in use: eth 1/1 - untrust - dynamic ipeth 1/2 - trust - 192.168.18.1/24eth 1/3 - dmz - 10.10.10.254/24eth 1/4 - currently unused Now we would like to configure eth 1/4 just like eth 1/2,...

Migrating from 5060 to 5220

Hi, We are planning to migrate from 5060 to 5220 both should be in PAN-OS 8.0.7 releases.As per article at https://live.paloaltonetworks.com/t5/Management-Articles/Hardware-Migration-from-PA2000-to-PA3000-or-PA5000/tac-p/156354#M4307 taking device st...

Cybersecurity Thoughts

Hi,I have recently read many Plao Alto and TrendMicro research articles, predictions and reports on subject of cybersecurity. Regardless of personal opinion there are possible catastrophic results that could happen in case of abuse of certain sectors...

WillAlt by L1 Bithead
  • 910 Views
  • 1 replies
  • 0 Likes

Resolved! Global protect domain based local breakout

Hi, I have a question regarding Global protect and partial split tunnelling. Does GP have an option to only allow specific domains via local breakout, all other traffic should be forwarded into the tunnel. I'm asking this question regarding 0365, all...

Data Plane high PA - 5020

i have problem about data plane, and the TAC say : packet rate is high, but i cannot find, how much PA-5020 can handle packet rate maximum.i use command "show system statistic sessio" packet rate is 130K - 150K and dataplane 77% at 11:00 AM, but i se...

Unable to reach management service and console

Hi, greeting all my palo alto appliance(PA-850) used virtual-wire mode already, a few days before, paloalto can passaging traffic by virtual-wire pair, but the management service unreachable. even i tried to PING / HTTPS / SSH / SNMP / Console etc. a...

WSTW_SE by L1 Bithead
  • 676 Views
  • 4 replies
  • 0 Likes

Resolved! pan-os 8.0 ntp not sync

Hi, I have a problem with test VM-300, NTP not sync and use local clock.But if i try to set timezone - clock set not correct >show ntpNTP state:NTP not synched, using local clockNTP server: 178.124.164.107status: rejectedreachable: yesauthentication-...

SSergey by L1 Bithead
  • 4125 Views
  • 4 replies
  • 0 Likes

UserID Factor Completion Time - Bad Data

We are seeing some random UserID entries being fed into our firewall that have a Factor Completion Time of "1969/12/31 19:00:00"; these always have a timeout of "0" so effectively kill the user mappings for that user. Has anyone seen this before? We ...

apackard by L4 Transporter
  • 980 Views
  • 3 replies
  • 0 Likes

H/A Clustering Query

Hi, I have a query regarding H/A clustering, I potentially have a requirement for H/A clustering with 3 firewalls and not just 2 (i.e. Active/Standby or Active/Active). I believe that presently a 3 firewall cluster is not currently supported however ...

Resolved! Advertise NAT Pool via BGP

Hi, I need to advertise a NAT pool to an external partry via BGP. When i attmpt to configure the static route with as below. I get the error message when attemping to save the virtual route configuration. What is the correct way to configure a static...

nat configuration.png
nat error.png

Zone protection - alert only

I have been investigating zone protection and DoS protection for awhile now and I think I would have already implemented it if you could configure all the settings to alert when you begin testing.

jdprovine by L4 Transporter
  • 713 Views
  • 7 replies
  • 0 Likes