proxy_arp_pvlan

Hi all,

I was dealing with a scenario recently which I eager to use the Palo Alto firewalls.

In my design, it is a must to use the feature which is called ARP alias in Cisco terms, and ARP publish in Juniper terms. In case of Linux as Palo Alto is usi

HIP Check licensing expired

I thought that HIP check licensing expiration (trial version), would cause any rules on the FW - using a HIP check profile column to not match.   Instead, it appears that it causes the firewall to simply not care about that column at all.... and allo

Removing my site from Palo Alto's blacklist

Hi, please tell me how can i contact to Palo Alto for taking  my blacklisted domain to whitelist in a palo alto DB

TCP TimeOut caused by the PA?

We have a video app that is streaming through our Palo Alto firewall on port 80. Everyone once in a while the session fails and can only be revived by hitting refresh in the browser. I am dealing with a network manager that's convinced the PAs are Re

Global protect app transparent update issue

Hi Team,

I have an issue, where customer is not able to update global protect app using transparent option. I'm explaining the issue in very detail to avoid confusion.

User machine is installed with client version 2.3.1. During the time of deployment

Windows, Kerberos, LDAP, RADIUS

Hi! My company is rolling out a small pile of Palo Alto firewall models and I'm trying to learn the nuances and best practices of these devices. Initial implementation and basic functionality has been pretty straightforward. Now we are trying more ad

GlobalProtect not working if laptop has no internet at boot

 I have prelogon setup for globalprotect using machine certificates, so that when a laptop boots up with internet is automatically connects to globalprotect.  This works perfectly fine, except for when a laptop does not have internet access.  If a la

How to identify app data vs differen in traffic recieved on app data

Hi Guys,

Lets say I have application SAP that allows port 8443 but looks like APP-ID is not getting matched and we are getting insufficent data followed by deny rule , question is how can we look for difference between expected application data and d

Active-Active Configuration with floating/Routing redundancy sample.

Hi All,

I'm trying to configure Active-Active HA between 2 Palo Alto in my infrastucture. Basically i want to know the concept behind floating ip address/ Route redundancy requirement in A-A scenerio.

If anyone know any video link as per my requireme