General Topics

Adding L3 to vWire PAN

I currently have a PAN 3220 sitting in serial behind a Cisco ASA. The PAN's doing the higher level inspection, geo, correlation warnings, content filtering. I had written earlier on the forum about wanting to implement layer 3 on new interfaces and i

Palo Alto OSPF routing./wild card mask configuration.

Folks,

For OSPF configuration on the Cisco router, we normally define a wild card mask. 

e.g. network 1.1.1.0 0.0.0.255 area 0.

What this configuration tells the Cisco router is to form OSPF neighbor with all IP address that being with 1.1.1.x IP addre

Trouble with multiple IPsec VPN Tunnel

Hi all,

I'm a fresh man to paloalto devices and I'm facing a problem.

Site A has a subnet 192.168.100.0/24. Site B has 192.168.40.0/21. Both sites use PA820.

Site A has a IPsec tunnel to Site B. This tunnel is running good.

Now we have a new Site C, 192.

want to create two region in same country.

Hi,

I am facing an issue regarding the region configuration.

I want to create two custom regions.

I have tried, in the name, I added India and checked geolocation and added the coordinates of a city. This scenario is working.

When we keep the city na

File Blocking feature not working with owncloud-uploading application hosted on NGINX web server

Hello everybody,

  the thread subject is pretty self explanatory. I'm playing with the file-blocking feature and doing some testing. What I've found in my lab environment, using both PAN-OS 10.0.1 and PAN-OS 9.0.9 and both VM-Series an PA-820 applian

LSVPN versus Cisco DMVPN

Looking for some feedback on anyone's experience with both/either.

In the Cisco realm say a mesh of 50 some sites each router has a tunnel between each site and a connection can go direct to the other location because routing is shared across the ent

view the urls hitting default interzon policy

Hi team,

We have a url filtering profile created for monitoring with action of all category as alert. And this profile has been called on default interzone policy (action deny). But nothing is gets logged, we have many traffic hitting default interzo

GlobalProtect Version 5.1.6 has Browsing Issues on MacOS 10.15.6/7!

LACP Nego-fail issue between firewall and CPE router - Expected Behaviour?

Hi Live,

I'm experiencing an issue with a setup of aggregated ethernet interfaces configured with LACP simply for redundancy connections between our HA Active/Passive firewalls and Cisco ISR 4451 routers.

I'm wondering what steps to take as regards p

License expiry

We're waiting for our new licenses to come through and getting a little nervous, of particular concern is our PAN-DB license which has the expiry date as 11/2/2020. 

It is my understanding that custom categories will work and it's just PAN-DB look up

Anyone knows good tool/excel macro for searching egree interface?

*** I know Expedition Tool might have this feature, though please reply with others if possible ***

The customer gave me one config which includes 500 static routes, 10000 address objects and 2000 serurity rule (without zone information...imagine cis

How to configure IpSec-Vpn Load balancing

Hi Team,

I have 2 Firewall ,Firewall A and B,I have 2 Ispon both the firewalls,I have configured ipsec-vpn on both the isp.

need to achieve Load-balancing on both the ipsec vpn.

What is the method that we can apply to achieve this.