How to replace one Faulty Paloalto 3250 version 8.1.6 Firewall which is in HA.

Hi All,

 I need help on how to replace one Faulty Paloalto 3250 firewall PAN OS version 8.1.6 which is in HA and policies are managed through Panorama.

your help is highly appreciated and thank you so much.

thnx

JP

Testing non-http mfa feature with GP

Hi there.

Documentation is rather slim here. I've set ut MFA for web site access, and it works. When testing it for non-http, accessing a SSH server, it kills the SSH connects, but no 2FA challenge on my GP. 

What am I doing wrong? What's needed?

I'v

SD-WAN policy name not showing for ping application

In our demo SD-WAN setup we have a couple of SD-WAN rules for ping traffic and also a catch-all rule for all unmatched traffic. For most of the tested applications everything is fine. But for ping (and traceroute) the SD-WAN policy name field in traf

Firewall is limiting concurrent users for GlobalProtect

We are using PA-VM-300 and it should allow 2000 vpn users concurrently.

Our global protect IP pool is configured for /23, so firewall should accommodate 500 users, as it is having enough IP available in the pool. For some reason, when the other firew

FIPS 140 and CC enabling?

Couple of questions on FIPS.

1. When you enable FIPS140 on a Palo it wipes the device. Can you just reload your last saved?
2. Can a FIPS140 enabled device talk to a non-FIPS device over an ipsec tunnel provided the cyphers are compatible?
3. FIPS disables PAP.

L3 sub interface traffic monitoring

Hi There, How can I monitor l3 subinterface traffic - current & historical. mainly Bandwidth utilization.

Thanks

HA for 3250 FW throught VXLAN

Hi everyone!

I have an interesting case. My topology is:

PA 3250 HA1------> Nexus 9000---------------VXLAN Overlay-------------------- Nexus 9000--------> PA 3250 HA1

                               vlan 2201                                             

Rdp windows

Hi,

is it a good idea giving access to public windowd  rdp ?.

Folks says do not publish outside 

Any good reason for this ?

Thanks

how to create a log forwarding profile using gmail or office 365

Hi 

I am trying to create a log forwarding profile in the firewall and parallel we created the server profile for the Gmail and office 365 

while scheduling the report and used the Gmail or office 365 email id and we try to test the email 

we are getti

COMMIT FAILED: Class mmmisp.Miner in ... not safe to load

Dear all,

trying to get MISP working in the latest version without much success so far.

Repeated the steps from the previous version where I had it working, but now I'm getting:

COMMIT FAILED: Class mmmisp.Miner in ... not safe to load