GlobalProtect timeouts.

When configuring a timeout on Globalprotect, the documentation reads:

• Modify the maximum Login Lifetime for a single gateway log

Windows Install Failing

Hopefully someone can help or point me in the right direction.  We've been askedby one of our clients to use Global Protect but the client is failing to install on some PCs.

They are running Windows 10 Pro and get the following error when trying to i

Ingress inconsistent Packet dropping

Hello,

There are intermittently packet drops for the traffics destined to Internet from the trust zone.

No deny log as the traffic cannot traverse through Palo Alto firewall so I can only see drop and receive logs not firewall and transmit logs from

GP VPN causing slowness

recently pushed out always-on vpn, but one site/office is reporting slowness when connected to it. The office is a managed office, so i have no control over their internal network.

When VPN is disabled they are able to hit 600mb download/upload. As s

SNAT do I need to add the SNAT address to my lo

Hi

I have a working SNAT, but the src nat address is only defined in the SNAT rule.  should I also add it to a lo 

Alex

Relevant Zone for an IP address in Vwire

Hi Experts,

Could you please suggest how to find Relevant Zone for an IP addresses in V Wire mode.  When configuring security policy, we need to mention the source and destination zone.

 We've PA firewalls only configured in Vwire with multiple zones

PBF not working when ECMP is configured

HI 

I have two internet links and configured ECMP to do load balacing based on weight,

Here I want to allow few users from my internal to specific desired destination based on my PBF to take my ISP2 path.

But it is sometimes taking ISP 1 and sometime

Multiple GlobalProtect Gateways on same interface?

We recently (today) configured pre-logon VPN, but have come across what could be a show stopper. As its currently configured we have configured:

Gateway > (gateway name) > Authentication > Certificate Profile > (a client cert signed by our infrastruc

how to get DNS domain name in security policy instead of domain name

HI Guys,

I have a question regarding LDAP, I have synced AD with my firewall and it works good. But it shows only the netbios name is there any possible way  in palo alto to show DNS domain name instead of netbios name

USERS WEB Surfing

Hello all

There is a task.The Management want to see what employers do during work time.Which sites they surf and so on

We have Palo Alto PA-850

Is it possible to show them in real time which user surfing which web site.I mean real time surfing?

I know t