HA active/passive OSPF design

Hi,

   Following topology is from PAN's design guide for A/P OSPF setup.

I wonder if it brings any benefit to connect firewall1 to Edge Router B and

Firewall 2 to Edge Router A with additional cabling run OSPF there too.

   The only thing I can see is th

Allow Teamviewer both inbound and outbound

Hi

In PAN-OS FW we have user based authentication enabled. Now i found teamviewer is not working. I have allowed PORT 5938, 80 & 443.

Thanks..

Assigning security profile to multiple security rules

Hi,

  when you have 100-200 security rule and need to assign a threat security profile to all the rules, what do you do?

Does anyone know an easy way of doing it? I can either script it via XML API but there should be an easier way I think.

thanks.

Best practice wise, which ports do we open on our AWS instance for our TRAPS ESM Server?

Best practice wise, which ports do we open on our AWS instance for our TRAPS ESM Server?

We currently have SQL and HTTP opened with Security groups in AWS for our two offices. This of course doesnt allow users in the field to get TRAPS updates unless

Custom Category block per default

Hi

When I create a custom URL Category, it is automatically added to all URL profiles with action set to "none".

Can I set this default action to "block" - that means, the new URL category will be automatically added to all URL profiles with action se

GlobalProtect - Authenticating using trusted domain credentials

My company has recently configured Active Directory/Windows Domain Trust between ourselves and another domain (we have recently merged as a company).

Our users currently authenticate to GlobalProtect using LDAP linked to our domain controllers. Is it

Forward Trust Certificate greyed out

Hi

I have an enterprised signed CA Certificate and also intermediate certificate. But when I install either of these, it shows that cert is valid but I cannot mark the check box for Forward Trust Certificate. It is greyed out. I can only add self sign

Global Protect IP assignments

Its seems with the 4.1.4 client then when a user connects and gets an IP address that the client remembers the IP.  I have an issue where that has happened, but the user got it out of the wrong pool and I can't seem to find a way to get it released.

Captive Portal on second firewall

Hi community

Most of you know about the captive portal feature on paloalto firewalls, to get user-ids for not yet somehow authenticated users. All this is also well documented exept this situation: 

I was wondering if it is possible to configure the c

Mac OS High Sierra Virtual keyboard problem

I use Mac OS High Sierra 10.13.6 (17G65) and GlobalProtect version 4.1.2-11. I use an Apple Bluetooth wireless keyboard and track pad.   I have a physical disability and use the virtual keyboard that comes with Mac OS High Sierra.  GlobalProtect is p

FTP Data Transfer very slow through Palo Alto

Dears

I created Local ftp over Tls through Palo alto . I published this server and create both nat rule and security policy rule and i am connecting from internet using filezilla but the transfer rate is very slow 25KB/Sec . I have dedicated leased l