Safe Search Issue

Transparent safe search is not enforced for networks which are using the PA box for DNS proxy.

I have enabled Safe Search tick in URL filtering. Still no go.

We have enforced with local DNS servers and that is working. However the interfaces using PA

PA-850 - how to protect

Hi

If I wanted to protect a PA850 from unknown devices connecting.

so 1 port to the local ISP.

6 ports for laptops to directly connect.

How / what is the best way to make sure only pre defined laptops can connect.

Mac filtering ??? Think that is easily

PA850 10gb sfp+

Hi

After connecting sfp+ 10gb  - we are seeing high latency and high Packet Descriptors (almost 100)

any ideas?

We are using brand new Dell certified  DAC cables:

DLCAB-SFP+10Gb

Configuration settings for Syslog forwarding in Palo Alto UTM

Hi Team,

We have integrated Palo Alto UTM v8.1 with LogRhythm. We have enabled syslog on UTM and we are receiving logs on LogRhythm.

The issue is not all the fields are getting captured in the logs (we verified this in raw logs received at LogRhythm)

User Activity report not showing full activity

Hi Team, 

User Activity report only shows detailed web browsing activity for few days (3-4) when report is generated for longer time frame e.g 7 days or 30 days or custom time frame. root partition is at 87% and /opt/panlogs at 71%.

Any suggestions h

User-ID using internal global protect and Azure Active Directory

Hi all,

I've setup SAML SSO based authentication to global protect with Azure Active Directory. I'm wondering if i can take this a step further by using internal global protect gateways and using global protect for USER-ID? 

If i did this, how would

Active / Active NAT question

Hi

To all the A/A users. How have you / Or can you setup SNAT so that all traffic is SNAT'ed to 1 ip .

very basic example

Eth1 - connect to 1.2.3.0/24 - interface address is 1.2.3.2/24 & 1.2.3.3/24 (A/A)  1.2.3.1 arp load balanced

eth2 - connecs to 10

Migrate all configuration and whitelists from a Fortigate to Palo Alto firewall?

Hello, we have a Fortigate firewall device and we recently bought a Palo Alto firewall. We would love to transition to this but what would be the best way? We have a lot of whitelist rules that would be a pain to recreate.

Is there a tool or a scrip

i don't connect to vpn PANGP

::edited by @reaper ::

I don't connect to vpn

MY LOG

(T7692) 10/01/19 16:24:03:969 Debug(4273): DLSA, encounter an route defined in config, do not remove it
(T7692) 10/01/19 16:24:03:969 Debug(4263): DLSA, check our route (des=10.1.77.82, mask