Did you know that you can help your fellow community members by accepting solutions when a reply answers your question Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature
...
I have a client that is currently using Sonicwall and wants to migrate to Palo Alto.
Sonicwall supports Transparent IP Mode (Splice L3 Subnet) that basically can bridge the WAN subnet onto the DMZ interface.
Let say for example,
WAN Interface - 100.1
...
Hi,
Anyone has ever figured out how to block any inside hosts to upload any kind of file outside, but still allowing web browsing? The file blocking option support only specific type of files... and the APP-ID database doesn't have any king of basic
...
Hello all,
We have two users across the pond that have an issue with their client attempting to start and then repeatedly starting multiple instances (task bar will show several GP icons as they come and go).
We did a deep-clean, reinstalled fresh, di
...
Under traffic logs we are seeing communication is being allowed through an access rule which does not have a match for destination server. There is security profile attached to the rule. Can someone please explain this behavior of PA.
Hello,
I have an issue with PA-5220 FAN the LED indicator is red.
when I check the system environmental logs below is the result:-
Do I need to change the FAN or any troubleshooting steps for this?
I am new to MineMeld time and the first day. I have only download and install MineMeld on a VM and configured it successfully. I don't know what AutoFocus is, so I don't think I am using it. so I am using the community version of MindMeld.
In foll
Hi All,
I come from a Cisco background and now getting to play with PAs I have a few queries around debugging from CLI.
Can we debug multiple different protocols at the same time, e.g Phase 1, 2 for VPNs, maybe some ARP resolution at the same time
...
Getting alerts for eu.wildfire.paloaltonetworks.com having an expired SSL certificate
Looks like it is a wildcard for *.wildfire.paloaltonetworks.com from Godaddy, can someone in support replace it?
Hi,
I'm having a challenge with GlobalProtect when trying to do ldap authentication with a machine cert (from internal MS pki). I've tried both the computer and workstation authentication template, but neither worked. GlobalProtect states certificat
...
Does all the partitions showing below has self cleaning Capabilities or there is a need to manually clear those files like for eg I know old downloaded software can be deleted to free some space from panrepo partition?
Filesystem Size Used Avail Use
...
Hello team,
We have around 10 HA cluster managed through Panorama. now we need to detach/remove one HA cluster from it. Please guide me on the steps to be followed without creating any impact on production.
Also please confirm if it need downtime.
Hey Everyone,
My company is looking at implementing Panorama to update and monitor the other firewalls we have at other locations. Does anyone recommend the Hardware like the M-100 over just installing it on a server using ESXi?
Thank you!
Hi there!
I have a little problem with GlobalProtect and I don't know how to solve it..
I use Ubuntu 18.04
Each command to globalprotect (for example globalprotect help OR globalprotect connect) returns the answer:
Cannot connect to local gpd service.
Hi All
After some advice, planning to have 2 X PA820 pairs of Active/ Passives, Inner and outer firewalls protecting some internal networks.
See the diagram, Does the HA2 link pass data plane traffic at all? Or can it?
There could be a scenario that
...
Hi All ,
I have an issue
Is there a way to use Global Protect to enforce web or URL filtering policies when users are not on the corporate LAN ? for now, when users work remotely , they bypass all web and URL filtering and security policies and d
...
OtakarKlier
on:
RFC1006 protocol over TCP
OtakarKlier
on:
Windows update URLs with IP addresses show up as unknown
OtakarKlier
on:
Panorama Upgrade
OtakarKlier
on:
Layer 3 between 2 buildings
OtakarKlier
on:
URL Category rule works on some firewalls but not others
OtakarKlier
on:
CPE for the Conferences or Summits
