Globalprotect in A-A

Hi,  I have some question.

If I have configure Active-Active HA and two GP portals with PA-3260.

e.g. fw1's portal : 111.111.111.111

fw2's portal : 222.222.222.222

(limitation of SSL VPN concurrent user from PA3260: 2048 ssl-tunnels)

When fw1,2 are in ope

GlobalProtect VPN Client Welcome Page

Hello,

We had the welcome page for GlobalProtect VPN Client enabled at one point. We recently disabled it but the welcome page still displays upon connect. Has anyone else run into this and found a way to permanently turn off the welcome page?

Upgraded to GP client 5.2 Driver error

I installed GP client 5.2.1 for Win 64bit and received an error about a digitally signed driver... it reverted back to the previous version 5.1.1.. did I miss something. Download the MSI from the Support site.

*Urgent* TCP out of order.

Hi team,

My customer is facing the TCP out of order in pcaps while accessing SMB application. 

He implemented the Zone protection in LAN zone which has Asymmetric path set as global, I changed it to bypass...

Will this resolve the issue...?? why TCP o

Regarding URL Filtering

Hello Everyone,

I am little confused in creating URL filtering policy rule. Does allowing certain url category in the policy block everything else?

For example in a policy from inside to outside i created and allowed url category online storage and b

Pearson VUE - endless frustration with the most horrible company on Earth!!

I sat multiple exams from multiple vendors during the last 2 months and one of them was Palo Alto. All of the exams were the so called "online proctored exams" which are served by the super ridiculous OnVUE platform written by script kiddies during a

Reliability of "name-of-threatid" in threat log searches

When using the "name-of-threatid" to search threat logs I am getting very inconsistent results.

Some signatures are returning properly, while others return blank results - even when I build the search syntax dynamically by clicking on the alerts in t

wildfire submission issue

There are certain files which were sent to wildfire for multiple times and every time we have received verdict as malicious.
The same file (i have verified the file hash available in wildfire cloud) is submitting multiple times even after the verdict

Invalid portal error in GlobalProtect

have the GP 4.1 client installed on a computer with Windows 10 Enterprise v2004 64bit, which when wanting to connect to the company portal, marks me as invalid portal, everything related that I have found on the network has already been reviewed but

Need some guidance on the VM series implementation

Hi there,

I have inherited the current network and need some help in replacing the firewall for like to like. We have a MPLS network connecting all our offices and an external firewall managed by the ISP. Traffic from all sites go out via the external

ISP Failover With Controlled Failback

We have a pair of PA-3020 setup with HA and ISP Failover. PAN OS 9.1.3-h. I am not using PBF. I want to connect our VOIP phone switch to the firewall. Our VOIP phones connect to a cloud based PBX. I setup a new VR for VOIP with ports for ISP1, ISP2,

Azure Marketplace - VM-Series Next-Generation Firewall (CIS Benchmark)

Does anyone know if the VM-Series Next-Generation Firewall from Palo Alto Networks within the Azure Marketplace meets any of the CIS Level 1 or 2 Benchmarks? If deploying these FWs from the Marketplace, do we need to harden the images using the lates

Authentication Policy Use Case

Here use case and wondering if this is feasible.

1. User Bob is already authenticated and connected(tunnel VPN) to firewall A with GlobalProtect with his account "Bob".

2. User Bob need to access critical ressource behind the same firewall A with, how