Question about redundent paths with IPSEC Tunnels.

I have a HA-pair of 3050s in my corp office with an single existing IPSEC tunnel to a remote office on a 200.

The remote office has very poor reliability on it's existing connection and the local ISP has provided them with a backup satcom link they c

GlobalProtect connects but cannot get IPv4 address

Hi, New to the forum here and my searches didn't reveal an answer. I am using GlobalProtect 3.0.0-74 (what the client gave me) and it connects just fine, but I am unable to see the machines I need to(ping requests time out). Running ipconfig shows I

Panorama & NSX integration and implementation

is the Panorama mandatory to install the PaloAlto VM with NSX.i have 4  servers that NSX installed .and i need to buy PaloAlto with NSX,my qoustions as below :

1-is it mandatory to buy Panorama for instalation ? i know it may be hard to mange each one

adding a host to cluster where vm-series service is deployed

Will be another vm-series virtual machine deployed when new ESXi host is added to the cluster? Virtual Palo Alto service is deployed on entire cluster basis. Do you know any documentation saying what would happened in this situation?

Comparitn two device configs to find missing and inconsistent entries.

we have a head office and disaster site PA3020.

It's taken 2 months to get the DR firewall online, originaly it was a clone of the HO one so all settings were the same ( excepet ones that had to be unique)

But now after that 2 months we have made a n

Globalprotect VPN client version for Mac High sierra

Does anyone know what version of Globalprotect client work with the mac OS version High Sierra?

Antivirus reset-both action for mail protocols

Hi!

We enable the blocking email viruses  attachement  by setting the antivirus profile with an action “reset-both” for SMTP.  The virus attachement could be blockded, however the sender’s mail server keep retry until timeout and no undelivered mail

Authentication policy

Hello,

I'm in proccess of migration from TMG to Palo Alto. One of the rules on TMG whic is used to publish web site to the Internet have AD autehntication enabled. Because I can't change anything on web server and I have to enable some kind of authent

Stuck out of management

Hello guys,

I have made a stupid mistake on a PA-820. I have changed the Permitted IP in the Interface Management Settings to a single IP (the Panorama server) and now I cannot access the device anymore.

Any ideas? I cannot access even in SSH. The Pa

Panorama Read Only mode?

Hi all,

I cannot modify my Panorama templates (Network, Device), even though I logged in with the admin account. As I attached the screenshots, it says (Read Only) mode and grayed out the check boxes, so I am unable to modify the Interface Management