Traffic Monitor Operators
Hey!is there a way to define a "not equal" operator for an ip address?Why does "neq" not work?
Hey!is there a way to define a "not equal" operator for an ip address?Why does "neq" not work?
Hello guys, I have 2 plao alto configured with HA Active/passive mode. On both firewall, I configured link monitoring on link group with ethernet 1/11 and ethernet1/13 that are aggregated on Ae1 with condition "ALL". Those interfaces are plugged to a switch with LACP configuration and this switch is plugged to the Intrernet Router. The objective...
Do I need a full vSphere management suite for Panaorama VM deployement or whether I can get away with a free version of eSXi?
currently i am blocking al the urls to netflix. so when user access the website they get message blocked due to url on cli i see PA has to do some processing in order to block the url .if i block the application netflix instead of url that will redice the cpu processing on the PA right?
I need assistance configuring/verifying if DNS Sinkholing is correct on my PA3020 running PAN-OS 7.1.18.
I have a Hyper-V cluster that spans 4 hosts that I want to protect with a pair of PA VMs. My question is do I need a pair of PAs for each host or do I add these two into my existing cluster and make the trusted interface on my existing vswitch and untrusted interface the physical vmlan interface used by my hypervisors? If anyone has deployed a P...
As it's becoming a yearly tradition, I'm challenging all of you to come up with something funny Last year we did pictures, this year we're going to have a go at Haikus! We'll be selecting a (or more ?!?!) winner(s) who will not only receive eternal glory in the hall of spooky fame, but will also receive some great 'loot' from our sarcophagus! ...
I have a pair of VM-50 as an HA pair. When the primary firewall fails the IP is moved to the new active node but the MAC address changes and the ISP cable modem most likely does not accept this. The only resolution is to release and renew the DHCP address which is obvisouly not a workable solution for an automatic failover. Any ideas?
on logs i see Running config not syn with passive device log shows 2018-11-15 10:51:48.693 -0700 HA peer URL Database set to Mismatch
Hi community, i am trying to access a website from LAN side of palo alto, even though correct policy is configured, tcp handshake was not complete. after packet capture i am able to find below points client sending syn packetbut i am not able to get syn-ack packet from server,able to see one ack packets from serverserver is using 3-way handshake...
Hi, We have a cluster in PanOS 8.1.2. Suddenly we were reported that several users didnt work properly. We went to the active node and saw this: In order to solve quickly we decide to do a failover. After that i worked properly. So we would like to know why in a node the behaviour is strange. So PA is applying rule wrongly. Its applying the rule...
Hi I have upgraded my passive palo alto firewall to 7.1.20 post which global protect portal is not working. I'm seeing SSL session cache request comming in from external source. But the webpage page cannot load after adding the exception. Same works good in primary firewall 7.0.9 7.0.9 to 7.1.0 to 7.1.20 is the upgrade path that I went. Whenever...
we are getting email alert for the Fqdn Refresh job failed on passive devicedoes passive device need to do the fqdn refresh?
hii am trying to add 10/8 as premitted IP subnet in mgmt interface but it seems to not work? anyone else has experienced this?
Hello, Looking for suggestions and recommendation, just got an offer from the ISP to upgrade the Internet speed to 1Gig down and 10Mbps up for a very good price. Except I have a PA220, the spec is good for 500Mbps with AppID and 150Mbps with threat. That just won't fly. I am aware the 220 can do better than 500Mbps. I don't think I can go...
| User | Likes Count |
|---|---|
| 4 | |
| 4 | |
| 3 | |
| 3 | |
| 2 |

