Missing Zone Assignment

I have an issue where traffic coming in one zone is not being forwarded to the right zone.  It seems the destination zone is not being assigned right when the session is setup.  It seems to be matching the predefined intrazone policy trust-trust.   H

Experience with GlobalProtect during Corona pandemic time

I would like to share issues with GlobalProtect, and what was done to fix it.

QoS with loopback interface
Due to high network load on the Internet line, we wanted to priorize (or limit) some traffic. It took several hours (testing, reading documents,

QSFP+ cable for HSCI, what 3rd party product are you Using?

Hello,

Just curious what cables everyone is using for their HSCI qsfp+ for HA2. My vendor wants to sell me a 10m cable, I dont need 33 feet to span less than 1 :(. Just curious what people are doing prior to using a standard port with 10GB gbics.

Chee

How to Marge 2 ISP Linses

Dears, 

I have 2 ISP lines 

link 30Mb 

link 20Mb

I need to marge  the 2 ISP lines to be 50Mb. I have PA3020

Designing Networks - Access Denied

Hi community,

I'm wondering if it is possible to gain access to the below live community link or is this just for Palo Alto Networks employees?

https://live.paloaltonetworks.com/t5/Internal-Knowledge-Base/Designing-Networks-with-Palo-Alto-Networks-Fi

Rasmgr GlobalProtect

Hi,

We are SNMP monitoring the number of users connected by GlobalProtect Gateway. Sometimes we see how the graph goes to 0 and recover the value some minutes later. No issues were reported by users connected by SSL-VPN.

 So we are investigating if th

Global Protect with Google Authenticator

Hi Everyone, does anybody has ever implementing multi factor authenticator using Google Authenticator?

App-ID Policy to Explicitly Block - Allow WiFi Calling

Hello,

I tried searching but was surprised to find no ready answers for this.. I'm trying to determine the App-ID policy to explicitly block or allow voice calling over wifi (or wifi calling) on Verizon, AT&T, etc. I can't seem to find this in App-ID'

Global Protect will connect then immediately disconnect

A GP issue I am dealing with at the moment is where the client will successfully connect but I cannot ping anything on my network.  It appears to immediately disconnect.  I have attached the log files if anyone may know how to help determine the caus

Enabling Jumbo Frames on HA Pair

I have an active passive PA850 pair, and want to turn on jumbo frames. 

I wondering about the best order-

Can I:

do the passive unit first, and reboot

fail over and do the primary then fail back.

Any issues with the HA function while one unit has jumbo e

DMZ, inside, outside - is it simple thing?

Hi there.

I have a PA-200.

Internal net is 192.168.0.0/24 eth1/2 , inside L3 interface  (default gw) -  192.168.0.254

One external ip address is using for outside inteface, eth1/1.

For connection to Internet I typically use pair inside-outside with:

1. N

Unable to reach GP Portal while on internal network

Hi All,

I was working with a site that has a PA firewall with a GP Portal and Gateway.  Some time ago, I had an issue where my users couldn't upgrade their globalprotect version while in the office. I was able to resolve this issue by creating a No N