Resolved! security zones and vsys limits
I haven't been able to find a definitive answer. Is the limit of security zones per firewall global or is it per vsys.
I haven't been able to find a definitive answer. Is the limit of security zones per firewall global or is it per vsys.
Hi guys, I'm dealing with a issue new to me, but perhaps somebody else has already resolved it. I built a new local IPv4 prototype based on the malwaredomainlist.ip. The configuration is: age_out: default: null sudden_death: trueattributes: confidence: 95 share_level: green type: IPv4interval: 300indicator: regex: ([0-9]{1,3}\.[0-9]{1,3}\....
When user is connected via global protect. How can destop support person connect to user pc who is logged in via global protect. I tried with desktop connected to global protect and then trying to access user pc who is also connected via global protect. Since users connected via global protect are in VPN zone. Allowing VPN intrazone traffic does...
Dears There is policy on my firewall ,we set the service as "Application-Default" not "Any" . the problem is that when user access to specefic website ,the connection be dropped because the service is "Application-Default" although the destination port is 443 when i change "Application-Default" to "Any" ,website be opened without problem ?! I w...
I'm trying to figure out what the best practice and recommended method is for templates inside of Panorama? I've heard some conflicting info. Some advice says if I'm managing say 20 firewalls in Panorama, I should have a template for each firewall. I've also heard the opposite, that you only need 1 template for all firewalls. I've also heard ...
Hi expert, I got alert on system log is critical about event type user-id on Palo alto " registered-ip-update-failure" follow as below I have wondered with the log is mean? please suggest me.
Getting this warning on several PA-820's running v8.1.2 and v8.0.9."Commit Warning: Profile compiler : app http2 not found (Module: device)" I'm not using anything called "http2" so not sure why this is popping up all of a sudden.I'm ignoring, but just wanted to post it here in case anyone else is seeing it? Commit Warning
I have downloaded the MIB's but cant find anything which would enable me to monitor the status of an IPSec tunnel. Is it possible to monitor IPSec tunnel Up/Down via SNMP?
Is or has anyone else had the problem with applications and services being ignored in rules? I have had an issue from all version from 7.0 to 8.1. I have stopped using applications in rules all together because it will not identify the application and instead mark it as "not-applicable". I have the problem with services as well. For example I wi...
Hello guys, I need to create additional virtual system on a 3020 cluster. Said that I have installed a regular multi-vsys license, I have enabled the multi-vsys capability (Device-Setup-General) on both devices.Now on both of them the HA state (active-passive) is SUSPENDED with the "multi-vsys mismatches with peer" error.But apart from enabling ...
Are the routes configured on the gateway for globalprotect advertised to a non globalprotect client? Like cisco or a native client?
Coming from an ASA back ground I am trying to learn more about troubleshooting in the PA. From what I learned so far there is no command in the PA that tests the full path of communication similar to packet-capture in the ASA. When in CLI I see there is a test command that breaks out different components of the communication path. I can test ...
Hi All, I have a client who asks me if it is possible to generate a report (for example, an annual report) where part of the records are stored in a Syslog.My question is, can the FW extract information from the Syslog to create a report?I appreciate your help.Regards
Our panorama is in Legacy Mode with no additional disks.We are planning to do two things.• Adding another 2TB disk for logging • Change it from Legacy Mode to Panorama mode.I’d like to know the best order to follow. Can we add the disk first (which will also start moving the logs from the system disk to the new disk) and then change it to Panora...
Hi all, What is the latest most stable globalprotect version ?? Thanks,Lakshitha.
| Subject | Likes |
|---|---|
| 4 Likes | |
| 4 Likes | |
| 2 Likes | |
| 2 Likes | |
| 1 Like |
| User | Likes Count |
|---|---|
| 8 | |
| 5 | |
| 3 | |
| 3 | |
| 2 |

