PA 500 home use

My employer is starting to use PAs, and as a networking person I want to get much more comfortable with them, I wanted to buy an small one off ebay to use as my home router. I won't need global protect, OR wildfire as I just want to run the PA as a r

Best Practice Security Profile Adoption - Determine Which Feature Impacts which Adoption Scores?

How do you determine(map)  which Feature (Policy, Objects, Network, Device) is conntected to which Adoption Category (Wildfire, Anti-Virus, Anti-Spyware, etc.)?

I am missing the connection between how to improve my metrics for the Security Profile Ad

Suggestion on how to made dual IPSec VPN UP with Dual ISP failover by configuring Dual VR

Hi Team,

I am just wondering on how to made Dual IPSec VPN Tunnel UP at the same time with redundant ISP link after mapping each ISP in different VR.

We have configured dual VR. In that, Primary ISP port is mapped in Primary VR and Secondary ISP por

Avoid Attack from outise in PA

HI, 

We are having attacks from outside to DMZ. Many diffrents ips are attacking our public range. These attacks are causing packet buffer 100% and CPU 100%, doing an outage in our network. So in traffic logs we can see all sesiones being denied for

Global Protect with Azure MFA issues

PA3020 PANOS-8.1.7 GP-4.0.7

Using Radius server for auth.

Radius talks to Azure MFA for 2 factor auth.

Having timeout issues.

Sometimes user not getting MFA prompt on the phone.

If the get MFA prompt they will get auth errors.

Panorama help : How to reset rules hit count

Hello everybody,

I have to reset three policies usage in Panorama 8.1 firewall but in this version is not available this option in the GUI.

I guess I can do it from the CLI.

Can anyboy help me?.

Thanks in advance.

Restart is disabled because no ike sa was established

We have IPSEC tunnel to vendor.

Tunnel is up 

Gui shows Phase 1 is red.

I can ping the IP on the tunnel on vendor side  which is Gateway for Vendor LAN.

Unable to ping the LAN IP on vendor side.

PA shows traffic is passing but nothing coming back from ve

Firewall rules suggestion

Hello

I would like to have advices regarding firewall rules. I'm deploying a PA-3220 on my main site (site A). On this main site, I have several zones configured on my PA3220 (user, servers, dmz Intranet,). I have also 5 remote sites.

I must create a

Application is identified ad rtp-base and PA still doing PCAP

Under traffic logs we see  pcap green arrow for this application rtp base.

What is the reason that PA is doing pcap for this if app is identified.

Panorama device group

I am looking for cli cmd to  fetching device group info using device name . 

Any suggestions..