General Topics
cancel
Showing results for 
Search instead for 
Did you mean: 
General Topics

Forum Posts

Resolved! GlobalProtect, Working from Home, Prisma Access and Covid-19

To all, Just wanted to post a message about the Hot Topic right now, which is Covid-19. With all of this going around, everybody's health and safely is the utmost concern. Keeping your hands clean, washing your hands (A LOT), using hand sanitizers, a...

jdelio by Community Team Member
  • 21172 Views
  • 43 replies
  • 32 Likes

IPv6 Point to Point prefix

Hi, Trying to setup a IPv6 Point to Point link between the PAN and SRX. Does PAN support IPv6 prefix like /127 for point to point connection? (Yes I read RFC 3627 -> RFC 6164 -> RFC 6547 already) Before any one starts about the IPv6 address space is ...

Cert key import

What is the best way to import a key for a globalprotect portal? I already have CA installed.

jdprovine by L4 Transporter
  • 1072 Views
  • 14 replies
  • 0 Likes

Clear DF bit for VPN

We have recently migrated our site-to-site VPN so it is now running between a PA-3020 > Cisco ASA 5510. After the migration we discovered that one of our cross-site applications broke and the vendor determined it was because their application communi...

Some Applications not being submitted to wildfire

HelloI am testing my wildfire configuration .1- When I download wildfire test PE file , I get an entry under Wildfire submission log & data filtering log.2- I intend to test if copying the PE file is also caught by wildfire , so I download a new PE f...

Resolved! VPN clients IPsec vendors

Hi, We realised after upgrading to 7.1.8 when we access to VPN GP using CISCO VPN CLIENT (IPsec) is not working. In previous version was working. This is the error ikemgrlog: 2017-03-30 13:11:52 [PROTO_ERR]: isakmp_inf.c:1362:isakmp_info_recv_d(): de...

Map any TACACS+ user to local account

Anyone aware of how to map TACACS+ accounts to a single local account? For instance, I have my ACS server using AD for its user database. I created a policy in ACS to allow access to the PA if they are in a certain group. When I want to give someone ...

ddaloia by L0 Member
  • 957 Views
  • 5 replies
  • 0 Likes

Resolved! DoS Protection

How do I go about triggering and monitoring DoS Protection in 7.1.5? I cannot find anywhere in the GUI to help me with this.

How to Safely Enable/allow Skype (URL filtering)

To allow skype you need to allow next applications in security rule:Next step you need to make URL filtering profile. Deny any categories. But allow next URLs:mobile.pipe.aria.microsoft.com*.microsoft.com*.skype.comocsp.msocsp.comlogin.live.comauth.g...

Снимок.PNG
Снимок.PNG

Resolved! Migrate Config between PA-500 and PA-2050

Hello, we own a PA-500 Firewall but are some Versions behind in the OS. Now we want to update it but got an downtime estmiate from our local Palo-Alto vendor from 8 hours. (From Version 5 to 8) Since we have some 24/7 Callcenters in house that's not ...

lenmar by L1 Bithead
  • 971 Views
  • 7 replies
  • 0 Likes

Resolved! OCSP is incorrectly spelled OSCP in the documentation

C'mon guys, really? https://www.paloaltonetworks.com/documentation/80/globalprotect/globalprotect-admin-guide/authentication/deploy-shared-client-certificates-for-authentication https://www.paloaltonetworks.com/documentation/80/globalprotect/globalpr...

DFrauzel by L0 Member
  • 1025 Views
  • 6 replies
  • 0 Likes

Qos profile

 Hi , In the above  which class will get high priority ? Thanks

traffice.JPG
sib2017 by L4 Transporter
  • 1776 Views
  • 13 replies
  • 0 Likes

Considering Buying Palo Alto 800 Series

Hi All, I would like to request assistance from anyone who has had experience with different firewall vendors and currently is a Palo Alto firewall user as I'm not a firewall expert whatsoever. I'm considering buying a Palo Alto 850 Series firewall o...

Techlove by L0 Member
  • 626 Views
  • 2 replies
  • 0 Likes

GP upgrade beyond 2.2.x

Hi, I'm running GlobalProtect 2.2.1 on PANOS 7.0.7. I'm preparing to upgrade to 2.3 (and beyond) to finally support some newer client devices. This caveat in the 2.3 release notes made me pause: If your GlobalProtect 2.2 or earlier release configurat...

gateway.png
blankprofile.png
portal.png
portalagent.png
MCmgt by L2 Linker
  • 930 Views
  • 6 replies
  • 0 Likes

Is Decryption needed without URL filtering?

Hello. We currenly have a Palo-5050 v7.18 doing firewalling and URL filtering.We have SSL decryption enabled. Because Palo does not support transparent authentication using Chromebooks and because we do not like the Palo URL reporting, we are looking...

dannon by L3 Networker
  • 827 Views
  • 2 replies
  • 0 Likes
Top Liked Authors