Join us live for an in-depth look at the latest advancements in cybersecurity, best practices, tips and tricks, demos and
more to protect your business and defend against threats in real
Hi There,
I will be greatful if anyone can please help me to understand the below which is taken from https://docs.paloaltonetworks.com/pan-os/7-1/pan-os-admin/high-availability/session-owner.html
We have a requirement to configure OSPF & multicast in a sub-interface of Palo Alto for one of our customers. I would like to understand how it would impact the CPU, memory and throughput and the guidelines and best practices to be followed while con
...
I have a pair of 5220s configured with HA1, HA1 Backup, HA2, and HA2 Backup links in use. All HA links show to be up and running. I have left all of the other knobs for tuning link and path monitoring off, taking all of the defaults. No preemption,
...
Hey all,
I've just updated the global protect version to 4.1.8
In the docs, it says that the client supports linux.
I've followed that doc:
https://docs.paloaltonetworks.com/globalprotect/4-1/globalprotect-app-user-guide/globalprotect-app-for-linux/downl
I am currently looking to upgrade my HA pair of 3050s from 7.1.10 to 8.1.6 and per Palo Alto's best practices guide, it is recommended to upgrade to the latest maintenance release prior going to the next major one. As it stands per that best practice
...
Hi there! Has anybody had the chance to play with PAN OS 8.1.5 yet in Production? Are there any noticable issues? I've been locked into this killchain of bugs ever since we made the leap to 8.1.0, and I'm just wondering if this build will be the "sta
...
Hello,
I'm trying to configure double NAT rule (SNAT + DNAT) using Panorama 8.1.4 managing PA 5220 devices running PanOS 8.0.14.
I can valid / commit configuration on Panorama, but when pushing config to devices I get following error message :
For some background: We recently impelmented a data protection strategy within our organization and would like to restrict the Global Protect remote access VPN service only to domain-joined laptops. Since all our endpoints within our environment rec
...
Hi just wandering if you can export QOS interface statistics once you have configured your specific interface profiles.. You can view these statistics in realtime but l can only seem to export to PDF/CSV the configuration ? Unless there is another
...
Hello all,
I've read multiple documents from PA and read some on the forums here, but cannot find anything definitive on this.
What I'm trying to find out is what is the best practice/most effective way to configure a Security Policy for filtering. I
...
when renegotiate happens
or
when lifetime expires will that cause traffic going via tunnel to be dropped?
We have phase 1 and 2 lifetime set to 24 hours.
I have been through the process of getting the files from CheckPoint, going through the migration tool to eliminate unused address, services, etc. I have completed the merge, generated the XML & SET files.
I want to get these configuration files int
...
Just registered a new pa 220. unfortunatly the wrong device name was entered. Going back it doesn't seem to let me change it. THe form opens up, i make my change and hit submit. nothing happens
TIA
John
I'm trying to create a miner that generates a list of TOR exit nodes for consumption by PAN-OS in an EDL. I found the "blutmagie.tor_exit_nodes" prototype and built a graph. My graph uses stdlib.aggregatorIPv4Generic for the processor node and stdlib
...
Hi,
PAN has the following document [1] which says you need to have SSL decryption in order to redirect SSL pages to captive portal.
To me it doesn't seem to be accurate. Response page [2] workaround seems to be doing the same i.e without having an SSL
...
on:
Minemeld static url/ipv4/md5 list
on:
Issue with VXLAN traffic passing through the firewall
on:
Global Protect users unable to access internal resources
on:
SFTP slow transfer showing incomplete data in logs.
