General Topics

DoS policy notify

Hi,

We have configured a DoS policy in order to limit the connections to several internal services.

So when we launch a test in order to check that the connections are being limit we dont see any logs or event reporting it.

But looking in policy statis

Comcast internet VPN disconnects

My company has not transitioned to GPCS yet and currently still uses Cisco AnyConnect. We have 10K+ remote users and 5weeks ago about 100+ users started getting random disconnects and they are all Comcast users with XB3 type modem. I wanted to ask th

BGP config same AS different locations

Hello,

We found some BGP routes with same AS we are using at our PA3020.

PA3020 AS 65400

BGP route (from Cisco Router)

 *   172.27.0.0/20    193.242.39.6                           0 65394 65390 8035 21302 65400 65316 64540 4755 4755 i

Usually with Cis

block all video streaming with palo alto PA-850??

Hello all,

I want to block all video treaming with palo alto. do do following this:

    1, go to Objects--> URL fitering--> add new URL fitering with name block_video.

    2, in categories, I check in streaming-media and choose block.

    3, I create th

Global Protect Client Bundles not installing. VM100

I am trying to install a client bundle for GP on out test VM-100

The VM has no internet connection so I downloaed the bundle from PA

PanGP-4.0.6

On "device > Global Protect Client " I upload the file, which works but nothign is displayed.

If i go to

IPs and ports allowed to a specific host destination

Hello everyone!

I was wondering if anyone had any tips or knew of any free tools that I could use to easily gather the allowed IPs and ports for a specific destination IP.

We have a user that would like ot know what traffic is allowed to a specific gr

Cannot ping server but monitor sees the ping traffic as allow

My Palo Alto PA200 e1/1 (10.10.10.1/30) is connected to router A and e1/2 (10.10.20.2/30) is connected to router B.

The server 192.168.1.100/24 is behind router A (10.10.10.2) which has a static router to destination 172.16.1.0/24 with next hop 10.10.

New Feature request or ?

Hi

I would like to have apolicy that just logs and does nothing else - ie the packet keeps getting evaluated.

some times I want to know there is packet there but not process it with that line.

Can this be done already ?

Azure Site Recovery Miner - XML source into Minemeld

I'm looking to do, what I believe, would be a simple minor for Azure Site Recovery IP list.  The list is located here and is in XML form.  

https://aka.ms/site-recovery-public-ips

I have bounced around on some articles and tried to follow a few, bu

Palo Alto against spam

hello

İn the network users get many spams.We dont have any other anti-spam solution.Is it possible to stop spams by Palo Alto NGFW?

Global Protect ( Force Password, Use GoogleAuth, Client required file?)

Just stating to trial GP.... And have 3 questions.

1) I can't work out what option I need to tick to force the user to re-enter their password on connect ( Android Client in this instance.

2) Can Google Auth Be used for 2FA? I can't find a guide?

3)

Aruba AP Tunnel Problem

Hello, I'm having problems with Aruba AP connection through a FW.

I got my APs in the inside zone, and the controller is in a DMZ. Previously I had a security rule that allowed aruba-papi and syslog app and the AP connected to the controller without