Destination NAT with Port Range

Hi !

We are trying to configure Destination NAT rule for a VC device on Palo Alto 820 NGFW. we need to allow range of TCP ports(Ex:3000-3050) but we could not find the option to configure the port range under the translated tab. find the below requir

log to Kiwi Syslog

Hi,

I've configured all the necessary in my PA-500 but I can't view logs Kiwi Syslog v8 in my PC. Is there some special configuration I missed? I've configured the firewall for UDP sessions. I've some DMZ configured, maybe I forgot to open some ports?

Decryption policy and SNI

Hi,

I activated a decyption policy but my site is configured with SNI. If I apply the policy, the other site with the same IP is blocked with error SSL_ERROR_NO_CYPEHR_OVERLAP (this in Firefox). Which is the correct configuration with SNI?

Global Protect says it is updating but it isnt

Using Client version 5.0.1-9. I have set the Portal update settings set to Allow Transparently.

I have downloaded 5.0.5 on the portal and activated it. 

Wait 5 min.. connect with GPClient externally. 

After a few minutues I get a popup "GlobalProtect Ag

Problems accessing Google Play Store while connected to GlobalProtect

Have just noticed that having connected to GlobalProtect on Android (client version 5.0.3-13), I can browse the Google Play Store but can no longer download any apps or app updates. The status will say "Downloading" but never starts. The security pol

Traffic from GP interface

Hi Team,

I am seeing some traffic initiated from GP interface to outside using source port udp/4500 to public IPs of clients( GP uses 4501 and I have xauth configured). Are these traffics are because of GP xauth configuration.. anybody has noticed it

Convert active/active to active/standby Firewalls

I have active/active scenario PA-220 FW. FW1 has diffident  config than FW2. I want to make FW1 is the active without loosing any data. 

Do I need to erase or do factory reset for FW2 before I sync it from FW1 which is the main configuration that I w

Certificate error connecting to PAN UI after mac os catalina update

I am sure everyone who upgraded to catalina has this issue.

Apple has pushed out new certificate requirements

https://support.apple.com/en-us/HT210176

Not sure about other parameters, but my pan device is serving a certificate that is valid for 10 years

SSL Decryption in different countries?

Hello All,

Starting to deploy 100+ firewalls worldwide. Have configured SSL decryption for General Browsing rule.

A template has been configured in Panorama, so they all have the exact same setup.

North America and Europe locations I tested are OK. Tri