Global Protect Agent GW Login Lifetime

We are having an issue where our internal GP agent is authenticating to both of our internal gateways normally, but after the period set for "Login Lifetime" - the firewall is clearing the IP to username mapping, even though the GP agent still shows

MIgrate From Firewall to Panorama after

HI Expert ,

I would like to know about that if I would to migrate local firewall to panorama and muti vsys is concren? 

Please suggest to me 

Thank you 

Palo Alto Networks Versus Watchguard M4600

What model of PAN NGFW we will position if the competitor is Watchguard M4600 for 1500 users?

how to distribute one internet line to multiple services

in my current scenario, I have 4 interfaces configured with different Public IP address and each interface linked to the different router and each interface have different services (Internet Email1, Email2, VPN)

Our Plan to get a new line from a new

SMTP Inbound Decryption

I am trying to setup inbound decryption for SMTP (TLS) using the default Decryption Profile.

What destination IP address do I use in the Decryption Policy: public pre-NAT or private post-NAT?

Regards,

Han.

Interface shutting down

I have a VM-100 running 8.0.12.  I inherated this configuration from the previous network engineer.  I am quite new to PAN-OS and have found that an interface that faces the Internet is shutting down.  

I can cycle the port in the GUI, and able to pin

Multiple Logins for a single user at different stations filtering not functioning - security threat?

I am new to Palo jsut going Live with a unit.  I am seeing when users move from desk to desk and do not log out but login again at the second station their filtering does not function.  They are either filtered as per the last login previously at the

2 ISP, 1 production & 1 Guest

Question for the community.

I have a site with 2 ISP, 1 circuit is a crappy 10mb circuit I want to use for just guest wireless.

Is it possible to run 2 ISP on a PA220 and keep the NAT and security seperate? 

HA2 goes down when Enabling Session Synchronization

Hello Palo Alto Community,

I'm deploying a HA Pair of Palo Alto VM Serie (hosted on my infrastructure) and I'm being blocked by a situation I don't understand.

• HA1 is UP and the two member can see each other. I'm using the management interface as HA1 i

URL Identification

Hi

i have a question about URL Identification.

i use url object in security policy and no use ssl decryption

if no SNI is present and there is no CN enrty,

how can identify URL?

thanks.

What is "cdt_token" process?

Hi there,

Quick question. I'm currently troubleshooting a PA 3020 in version 8.0.12 for one of my customer. Its PA has huge DP CPU usage (arround 80%). I try to figure out the reason of this usage.

I've isolated the "ctd_token" process which is a big

DNS license and PAN OS 9.0

During Ignite we were told that DNS is coming as license service in PAN OS9.0.

Need to know is this service different from dns sinkhole?

IF it is how it is ?