General Topics

Templates and Interface IPs

I have setup an HA pair of 5220s and have them added in Panorama all running on 8.1.2.  I have setup the Templates and can push out changes to the HA pair.  I tried to push an IP change to a subinterface on the pair and though both Panorama and the H

New to Palo Alto

Hello, I am new to Palo Altos. We just took over a company with a Palo Alto and we are taking a look at all of the settings in the device to get a handle on how everything is set up. I wanted to see if someone could clarify something for me. When I l

Globalprotect connection speed is reallly slow in China mainland

Hi there,

I am working overseas in China mainland and our GP recently has a really poor connection and hardly can connect to GP sever: globalprotect.soton.ac.uk . It has happend to whole team here.

Just want to ask if there are some updates about thi

Dual ISP with VPN

I'm working on configuring a branch office firewall with two ISPs and Site-to-Site VPN to our data center.  The data center side has only 1 ISP connection

I'm reviewing this article again, as I've used it in the past.

https://live.paloaltonetworks.com

DoS policy notify

Hi,

We have configured a DoS policy in order to limit the connections to several internal services.

So when we launch a test in order to check that the connections are being limit we dont see any logs or event reporting it.

But looking in policy statis

Comcast internet VPN disconnects

My company has not transitioned to GPCS yet and currently still uses Cisco AnyConnect. We have 10K+ remote users and 5weeks ago about 100+ users started getting random disconnects and they are all Comcast users with XB3 type modem. I wanted to ask th

BGP config same AS different locations

Hello,

We found some BGP routes with same AS we are using at our PA3020.

PA3020 AS 65400

BGP route (from Cisco Router)

 *   172.27.0.0/20    193.242.39.6                           0 65394 65390 8035 21302 65400 65316 64540 4755 4755 i

Usually with Cis

block all video streaming with palo alto PA-850??

Hello all,

I want to block all video treaming with palo alto. do do following this:

    1, go to Objects--> URL fitering--> add new URL fitering with name block_video.

    2, in categories, I check in streaming-media and choose block.

    3, I create th

Global Protect Client Bundles not installing. VM100

I am trying to install a client bundle for GP on out test VM-100

The VM has no internet connection so I downloaed the bundle from PA

PanGP-4.0.6

On "device > Global Protect Client " I upload the file, which works but nothign is displayed.

If i go to

IPs and ports allowed to a specific host destination

Hello everyone!

I was wondering if anyone had any tips or knew of any free tools that I could use to easily gather the allowed IPs and ports for a specific destination IP.

We have a user that would like ot know what traffic is allowed to a specific gr

Cannot ping server but monitor sees the ping traffic as allow

My Palo Alto PA200 e1/1 (10.10.10.1/30) is connected to router A and e1/2 (10.10.20.2/30) is connected to router B.

The server 192.168.1.100/24 is behind router A (10.10.10.2) which has a static router to destination 172.16.1.0/24 with next hop 10.10.

New Feature request or ?

Hi

I would like to have apolicy that just logs and does nothing else - ie the packet keeps getting evaluated.

some times I want to know there is packet there but not process it with that line.

Can this be done already ?