Comcast internet VPN disconnects

My company has not transitioned to GPCS yet and currently still uses Cisco AnyConnect. We have 10K+ remote users and 5weeks ago about 100+ users started getting random disconnects and they are all Comcast users with XB3 type modem. I wanted to ask th

SSL Decrypt Opt Out Page applied selectively

Hi all,

Currently we use the SSL Decrypt Opt Out response page for the SSL Forward Proxy which works great warning staff of inspection.

However I would apply SSL-Inbound-Inspection to our public web servers for Threat Prevention. Unfortunately it app

BGP Advertising prefix to same AS it was learned from.

I'm working on a VRF-centric DC model that utilizes a PA as the firewall platform between VRFs. One of the snags I'm hitting is that if a route is learned from R1 on an AS (say 65001), and is advertised via eBGP to the PA (AS 65002), the PA won't eve

BGP config same AS different locations

Hello,

We found some BGP routes with same AS we are using at our PA3020.

PA3020 AS 65400

BGP route (from Cisco Router)

 *   172.27.0.0/20    193.242.39.6                           0 65394 65390 8035 21302 65400 65316 64540 4755 4755 i

Usually with Cis

user-id agent

Hi

So I have 

850 - single pa 

5220 - 2 in a Active active setup

panorama

For Windows i have

3 x MS AD - my AD trilogy 

2 x Exchange boxes - they curently are AD's as well

2 more AD - old boxes with FS and PS 

2 FS ... not AD's

I have userid setup for all

block all video streaming with palo alto PA-850??

Hello all,

I want to block all video treaming with palo alto. do do following this:

    1, go to Objects--> URL fitering--> add new URL fitering with name block_video.

    2, in categories, I check in streaming-media and choose block.

    3, I create th

Global Protect Client Bundles not installing. VM100

I am trying to install a client bundle for GP on out test VM-100

The VM has no internet connection so I downloaed the bundle from PA

PanGP-4.0.6

On "device > Global Protect Client " I upload the file, which works but nothign is displayed.

If i go to

IPs and ports allowed to a specific host destination

Hello everyone!

I was wondering if anyone had any tips or knew of any free tools that I could use to easily gather the allowed IPs and ports for a specific destination IP.

We have a user that would like ot know what traffic is allowed to a specific gr

Cannot ping server but monitor sees the ping traffic as allow

My Palo Alto PA200 e1/1 (10.10.10.1/30) is connected to router A and e1/2 (10.10.20.2/30) is connected to router B.

The server 192.168.1.100/24 is behind router A (10.10.10.2) which has a static router to destination 172.16.1.0/24 with next hop 10.10.

New Feature request or ?

Hi

I would like to have apolicy that just logs and does nothing else - ie the packet keeps getting evaluated.

some times I want to know there is packet there but not process it with that line.

Can this be done already ?

Azure Site Recovery Miner - XML source into Minemeld

I'm looking to do, what I believe, would be a simple minor for Azure Site Recovery IP list.  The list is located here and is in XML form.  

https://aka.ms/site-recovery-public-ips

I have bounced around on some articles and tried to follow a few, bu

Palo Alto against spam

hello

İn the network users get many spams.We dont have any other anti-spam solution.Is it possible to stop spams by Palo Alto NGFW?