Did you know that you can help your fellow community members by accepting solutions when a reply answers your question Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature
...
I was given this design to implement on our PA 5050's. This would be to segregate a user segment (4500x-VSS) from the data center (7K's vpc). Can anyone tell me if this is a valid LACP connection? I have never seen it done without a Stacking or VPC l
...
Hello everyone,
The agency I work for is experiencing H323 call drops. After some research I found documentation here that Palos do not support H323 signaling when a gatekeeper is in call routed mode. The gatekeeper is currently in call routed mode.
...
This is for a lab at the moment, but want real-world advice in case I attempt it.
I had a portal and gateway setup for client SSL VPN and wanted to add LSVPN. Due to complete documents for each type of GP feature, but none combining the two, I went
...
Hi,
Could someone please advise how I can limit internet access by user?
I would like the below
Block level 1 - blocks the bad stuff but allows everything else
Block level 2 - blocks everything apart from an allow list
I believe I have set Enable
...
I have configured SSL decryption with one ISP which is configured via default route and it is working fine. I have another ISP and I configured to forward internet traffic from particular endpoints (same trust zone) to 2nd ISP, for this purpose i cre
...
Hello Community,
How is it running for those that have already upgraded? I would wait but the release of the recent vulnerabilities have pushed this forward for me.
https://securityadvisories.paloaltonetworks.com/
Thanks in advance!
Created template I have Templates showing up over Network and Device tabs. But when I commit there isn't a radio button for templates and when you look under Device Groups and click the group I created it in, the template does not show up. Panorama 8
...
Hi, all
How can i set to config QoS Policy for Destination NAT Traffic from untrust to untrust zone.
I searched for related knowledge but could not find it.
which one is right?
untrust to untrust (Public IP)
untrust to trust (Public IP)
untrust to trust (P...
I have three templates in a stack and three levels of device groups. I want to create a leveled policies based on security zones. Let's say I have a secuity zone called GlobalProtect.
Let's say I have:
DG-Standard
|-------DG-Management
|----
...
Settings in a template cannot reference to another template even if in the same template stack. I want to simplify management of security policies based on security zones.
Let say I have Template-Standard and then templates for each PA like Template
...
i found that my PA cert for ssl decryption is under other people in chrome not in trusted root on one of computers.
still i am able to access websites where ssl decryption is enabled
any thoughts?
i have 3220 FW's in HA, i can see that config is syncronizing acuratly but it shows the status as down.
please assist.
Hi Community,
Wondering if it's possible to create a custom report showing the average number of session processed by the firewall during the last: day/7 days/30 days/180 days/365 days.
Thanks,
H
I recently aquired a PA-4060 from a recycling center. It appears to be fully functional without issue. It's currently on PAN-OS 4.1.12. How can I go about updating this device? I'd like to try and use it in my homelab for learning about Palo Alto pro
...
We have a ListServ server which needs to accept email from a user hosted in Office 365. I would like to limit the security rule allowing the inbound traffic to only accept SMTP connections from the O365 mail servers. I know the list of those server
...
reaper
on:
HSBI and HA
reaper
on:
Agentless User-Id integration
reaper
on:
Required PAN-OS 8.1.25-h1 for PA 3060
