Did you know that you can help your fellow community members by accepting solutions when a reply answers your question Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature
...
I've been attempting to create a report requested by a client using the Custom Reports module.
The client is requesting a weekly report, containing 7 days of volume usage broken down by hour. I've managed to get the data I require, using the Traffic
...
Team,
We have a NAT pool configured for one of the ongoing requirements. Is there a way to force this pool to allocate IP address from start to end as per new requests come in?
e.g. NAT pool configured is 10.10.10.1 to 10.10.10.10
IP source is anything
...
I got setup 6 AWS VPC with direct connect connection to on prem panorama, which is working fine for a month, and now suddently all 5 VPC disconnected from panorama in the same time.
i checked the BGP and IKE all established, i can ping the panorama I
...
Hi,
I upgraded our FWs from 6.1 to 7.1 a few weeks ago and ever since the web management access from Internet Explorer is painfully slow to load - takes around 1 minute to bring up the dashboard after logging in or contexting from Panorama to a firew
...
Why application ms-upate usage only port 80/443 when WSUS 6.2 an later usage port 8530/8531 (Step 3: Configure WSUS) ?
Robert Ogonowski
Hi,
we are using a PA environment in combination with Bluecoat Proxy SG for caching and user authentication. Bluecoat describes on his knowledgbase KB3323 the differences for session timeouts on proxie servers and firewalls.
From our proxies I have man
...
Dear Expert ,
I need to get all System messages of PA in case of the below Events
Hi all,
We have upgraded globalprotect version 3.1.4 to 4.1.2. Its connected successfully . But after some time it saying portal not available. username take as portal name. anyone experience with globalprotect 4.1.2???
Im setting up a s2s vpn between a Palo and a Cisco ASR. The GUI is showing it all as up - green lights and ike tunnels. But the logs are showing the below:
IKEv2 child SA negotiation is failed message lacks KE payload
I am not sending traffic down th
...
Hey guys,
I've been tasked to have Globalprotect only allow company owned devices over the VPN. I know I can create custom HIP checks for Windows/Mac (reg/plist value). How would I do the same for Linux clients?
I have two end users that work remote,
...
My topology is as follows.
PA-VM-ESX-8.0.0.ova image was downloaded from PA support site and installed on VM
Hi guys,
We have migrated our production web infrastructure to run through Palo Alto (previously running through Checkpoint) and although we have no issues with production traffic we are seeing some intermittent failures on our health checks between
...I’m new to Palo Alto VM series deployment and it’s the new project .. we’re trying to deploy Palo Alto HA in VMware environment . Deployed ovf template and configured management interface . Connected to GUI and all looks ok . But I’m not able to conf...
Hi
I must build up an IPSEC tunel between PA and Watchguard XTM. The other Side gives me ike phase where DH Group is 15.
On PA I only can choose Group 1—768 bits, Group 2—1024 bits (default), Group 5—1536 bits, Group 14—2048 bits, Group 19—256-bit ell
...
I have built a VPN server in company domain and I have tried to connect it in the domain computer. Now I need it can be connected to external computer. I have search many information in Internet to know how to do this setting in firewall. But it stil
...
TomYoung
on:
Confused about QoS on Palo, need some assistance.
TomYoung
on:
Static Port Address Translation question
TomYoung
on:
what is the cli command for checking last failover
reaper
on:
SSL inbound inspection certificate issue
TomYoung
on:
One Global Protect Portal and Two Global Protect Gateways in One Firewall
