Resolved! Qos on Citrix Connection from Internet users

we need to apply qos on citrix users coming from the internet.

should i apply qos on lan egress?

which application i should use for citrix?

OR should i apply qos on public ip of citrix ?

Resolved! Add 2nd FW to Panorama and enable HA with current FW

I have one PA-500 connected and mostly managed by Panorama. 7.1.20.

My question and goal is to add a 2nd FW and make both HA and managed by Panorama.

Is there a process for this ? Step - by -Step

Thanks

Matt S.

Resolved! GlobalProtect portal user authentication failed

we have global protect portal configured and both portal and gateway have same ip assinged.

we have configured RADIUS for auth.

Also under Auth profile we have Radius as a profile name

When client connects he gets message

GlobalProtect portal user aut

Resolved! Office 365 returning 0 indicators

I just noticed my Office 365 indicators are reporting zero for all Office 365.  I originally installed 0.9.46 and it had been working great for a few months.  After I noticed this I figured it had something to do with MS change from xml to json.  My

Resolved! Monitor Auth Logs - Captive portal connection -

I have configured CP with radius passoword.

When i conenct to CP internal portal IP i do not see the auth logs  under monitor?

is this by design?

Resolved! Commit not working in passive firewall

When I commit the firewall in active firewall I can able to commit.

When I commit in passive firewall it shows "Error: config push error"

However I don't need to push the configuration in passive firewall I'm doing this as my HA sync is having issue.

Resolved! Palo Alto - Dynamic Updates

Hi !

I'm new to the Palo Alto Firewalls. I have query about the content updates for the PA Devices has TP licenses. We are pushing updates through Panorama.

Q1: I can install only  one Active AV or threat updates to the firewall . Since this the new

Resolved! Captive Portal with MFA- Do we need global protect client

When using Captive portal with MFA  do we need global protect client software installed?

Resolved! Captive Portal and MFA

I have configured captive portal with MFA.

Primary auth method is radius and secondary is duo-security.

Under network  

Global Protect

Portal config is done

Do I need any config under gateway???????

My understanding is that we need  gateway config on

Resolved! Purpose of Authen Profile under Global Protect Gateway

We have configured MFA using CP and using RSA as Second  authen.

Under Network

Portal                   Authen--------------Radius

Gateway             Authen ----------------Radius

Under Device

CP  -  Authen ---------RSA

Why we need Authen profile u

Resolved! logical int counters - packets dropped

Logical interface counters read from CPU:
--------------------------------------------------------------------------------
bytes received 21513660
bytes transmitted 2835
packets received 358561
packets transmitted 21
receive errors 0
packets dropped 35853

Resolved! Wildcard certificate on PA firewalls

Hi Team,

I'm trying to create a CSR in Panorama in order to get a wildcard certificate from our third party CA.

In order platforms, I define as common name the format *.mydomain.com but in Palo Alto I'm getting an error: Failed to generate certificat