Hi PAN Community,
I work for a school and we have issues with student VPN use - specifically x-vpn, hotspot shield etc. We have rules in place that take care of the proxies and standard VPN applications and have SSL decryption and URL blocks in place
...
Hi
We have imported a config from a PA500 into a newly installed VM-100 v8.1 (under vmware). After having done some VLAN changes to interfaces, we suddenly started to get the below error message when committing:
Can someone point us in the correct d
...
I have this question and cannot find the answer from the online training:
Which type of content update does NOT have to be scheduled for download on the firewall?
I think it is PAN-DB updates but I just need to make sure.
Hi all,
I thought you'd want to be able to list your certifications and their expiry dates and any relevant announcements, so you could plan your further study, re-certification...
Also, employers ask about cert updates.
Couldn't find it myself.
Other t
...
I found some best practices documentation on the fuel group site and they recommend drop over deny. So I would be interested to see how people are configuring their fire wall more drops or denies and why?
Hello All,
I was just curious if anyone has encountered issues with Apple Mac devices and SSL decryption? We have users that are unable to perform an Internet Recovery over the network, but when they are off the network it works for them. This has on
...
Hello Community,
I was wondering how in a "larger scale" environement (140+ branche offices) people are generally managing their certificates?
We are switching from Websence (Forcepoint) web filtering to Palo Alto 5050 Firewall. Does anyone have a "crosswalk" that has been done showing what websense categories line up with what PA categories?
Hello,
I have been tasked with converting some legacy security rules from app=any, service=custom object to app=app-ID and service=application-default. However, some of our apps use custom ports over known applications, so straight conversion is not
...
Hi all,
we've noticed our admin accounts have been locked several times today due to consecutive failed login attempts to our VM-s.
Most likely, these would have gone through the PA firewall.
I wonder what would be the way to filter huge log, other tha
...
Hi,
I need to create a dual ISP scenario. This FW has 2 interface with differents ISP. (ppoe)
eth1/2 (1.1.1.1/32)
eth1/3 (2.2.2.2/32)
We would like to balance both ISPs and in the case one of this ISP goes down, all traffic takes the ISP up in that mom
...
I cloned few output prototypes and created my own miner -> ipv4 agg -> output config. I logged off for some reason and now that I login, I am getting timeout error for config, system, supervisor etc. I dont see any config info or indicaters in System
...
Hi,
I just upgraded my firewall to 8.1.0. I was checking the log and i see that now the "source user" in log traffic is the full name machine with $, not the AD user.
Before 8.1 was: domain/john.english
Now is: xxxx.dom\PCfullname$
Why??? how can we c
...
Hi all, I found the issue after upgrade Palo alto from PAN-OS 5.0-6.1.0 when to 6.1.0 auto-commit faile and show messages "Total NAT DIPP translated IP 804 exceeds the capacity of 800 " My model PA-5050 so, I would like to know this issue occur?
Hi,
We are configuring a new routing scenario but we are expecting problem taking the correct route.
This is our static route table:
destination interface gateway metric
10.50.1.0/24 eth1/1 10.50.250.1 1
10.50.2.0/24
...
OtakarKlier
on:
Qualys scanner blocked
OtakarKlier
on:
Split-tunnel not working properly
OtakarKlier
on:
Palo HA with LACP to Cisco Stack Switch
aleksandar.asta
BPry
on:
how to block facebook and instagram on mobile
