HA Configuration Between the Buildings with Dark Fiber availability

Hai Team,

  We have two building next to each other and we have dark fiber connectivity between them.

I would like to know how do we configure HA betweeen them. how do i make use of dedicated HA ports.

Firewall models  PA-3020 runn ing 8.0.7

Consistent Profile Assignment

Does PA advocate the assignment of Security Policy Profiles (with at least alert actions) to all rules. Is it a best practice?

mac address based firewall policies

Does anyone think of mac address based firewall policies?

Panorama and active/active configurations

Hi,

Recently, we added more PA devices to our infrastructure and we decided to start using Panorma to manage all these devices.

So far, we haven't experienced an improvement in efficiency or user/admin friendliness.

Let me (try to) explain:

We have two

Certificate attached to non existant security profile

Hello,

I've encoutered a problem regarding the deletion of a Certificate. When i try to delete it i get the following error message:

Custom extensions for file blocking

I've got our PA setup to block file types that are risky.  But, I've found a problem with Symantec LiveUpdate pulling down the update files it needs.  It uses a couple odd file types that aren't in the list as types that I can allow for a profile.  I

Problem with GlobalProtect password.

Hello all!


If we put a sterling pound (£) symbol in a user password, the authentication fails. We are using GlobalProtect 4.1.8 and use a RADIUS server running Microsoft Azure MFA server on the authentication profile of the GP gateway, with just an LD...

How to disconnect authenticated Live User from PaloAlto FIrewall

I need to know , How to forcibly disconnect authenticated Live User from GUI of the PaloAlto Firewall ?

Global Protect Client 5.0 for Windows and Mac

I'm looking at the release notes for the Global Protect client for Windows and Macs, now at 5.0.1

Am I missing something ?

What is the reason for the 5.0 client?

I don't see that there are any new features, or changes in behavior.

Or is it simply that

Limit download file size with specific response message

Hello Guys,

I succeed limit the download file size with the following KB: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClhHCAS

However currently the user is alerted with the antvirus response page. Is there a way to provi

IKEv2 Mobility and Multi-homing Protocol (RFC4555) Support

Did a quick search on this but couldn't find anything on this topic.

Do any of the PAN firewalls support IKEv2 Mobility and Multi-homing Protocol (MOBIKE), specifcally RFC4555? I noticed that Cisco ASR5500 platform has support for this, so I'm curiou