Scope of the licence pan 3220 is linked to the serial number ?
If I put a hard disk from a PAN3220 that failed, in a new PAN3220, what impact does the license have or is it only linked to the serial number of the Firewall
If I put a hard disk from a PAN3220 that failed, in a new PAN3220, what impact does the license have or is it only linked to the serial number of the Firewall
Hi, I am looking to block the RFC 1918 blocks coming from internet to our LAN zone. So, Policy will be Source zone: Public , IP: RFC1918 blocks, Destination zone: LAN, IP : any .Can you guys please confirm that creating this policy will fulfill my requirement? @OwenFuller can you please give your input? Thank you
One question that comes in my mind, can we use fallback URL or IP in Global Protect client? Like in Cisco AnyConnect, if the primary VPN Server or internet source is down then client connect with the secondary internet source automatically.
Hello, My FW is behind ALB, so I want to see original Src IP. I enabled "use x-forwarded-for header in user-id" setting and user-id on the zone.But there is no info on source user column in traffic log. I can see the information in url filtering logs using, but I want to see that in traffic log too.It seems to be possible when I look into manual...
I have a customer case where they have enabled QoS for layer 2 interface. There is a Qos rule in place for classifying multicast traffic as class 3.multicast traffic from zone LAN is hitting the right QoS policy and from the session details, I have verified the QoS class as class 3 which is what suppose to be. However, When I check QoS statistic...
Most of our FWs are multi-vsys. Our stacks basically consist of one template - the entire FW config. Now we are trying to create more global templates that we can apply to multiple Template Stacks. But when creating a new template configs, the config sections only gives you the option of assigning it to "Location: None" or "Location: vsys1" ...
HelloIm doing some tests on PA-220 test unit.Some story - im using windows 10 with installed debian on WSL.I've installed apache2 and doing some IP pulls from internet and then hosting it on:192.168.7.131/steamip2.htmlI can access this from my internet browser and i see list of IPs.After adding edl to palo alto it sais that source is avaible but...
Got a new broadband and if i try to connect VPN using globalprotect, Internet is getting disconnected and im not able to browse anything. If VPN is doconnected , Internet is working fine without any issues
Hello -Has anyone seen or created, that they'd like to share, just a general checklist of information to collect and steps to do a new install?
Hello everybody, I use url-list from urlhaus. If I test some entries, I got a problem with onedrive-urls like this: onedrive.live.com/download?cid=a75074ec168603e4&resid=a75074ec168603e4%21108&authkey=apnjueurszwr7fiThis url should be blocked by urlfilter on the firewall. But it was not blocked. I can download the file. Also I can not se...
IKEv2 on PA has built in keepalive mechanism, but it can only act if the communication is lost for more than 5 minutes: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClgcCACAfter testing it out, about 7-8 minutes passed until Palo Alto detected lost peer and did reset of the tunnel.That's happening due to built in alg...
Morning All-I wanted to go ahead and try dropping a post here in hopes that someone else has experienced either an identical or very similar issue. There is a lot info that could be provided but I'll start with the basics: -Configured in HA pair with another M-500.-Both Panorama appliances also configured as log collectors.-Both appliances are ...
We have 2 ISP's, primary is down right now. Both ISP's connect to different interfaces. When Primary comes up, the interface will be different for outgoing/incoming traffic. Will the active rdp/web sessions/GlobalProtect/IPSEC tunnels drop when primary link becomes active again. Or will it be seamless.
As we have seen that in system log the dataplane is Restarted. When i run this command show system resource follow i can see that cpu utilization goes 100%. Please suggest as i run 8.1.7 PAN-OS version.
I am using my pa-850 as a DHCP server on a small office LAN. I need to assign a VLAN to the phones and another VLAN to the computers. The phones are sending Option 61 Client identifier as part of DHCP Discover. How do I configure DHCP custom options to use the Option 61 value and return a specified VLAN ID?
| Subject | Likes |
|---|---|
| 4 Likes | |
| 2 Likes | |
| 2 Likes | |
| 1 Like | |
| 1 Like |
| User | Likes Count |
|---|---|
| 4 | |
| 3 | |
| 2 | |
| 2 | |
| 2 |

