General Topics

Resolved! VM Palo : Unable to see any traffic in traffic log under the monitoring Tab

Hi All,

I have setup a VM palo on ESXi as home lab, but i can not see anything coming up under the monitoring traffic log. I tried to change the default behavior of the implicit security policy rules at the bottom to log at both start and end but stil

Resolved! IPSec VPN decapsulation bytes are increasing and encapsulation is constant

Hi All,

Followed this article on teh troubleshooting session:

https://live.paloaltonetworks.com/t5/Management-Articles/How-to-Troubleshoot-IPSec-VPN-connectivity-issues/ta-p/59187

We currently have an issue with S2S VPN between Palo and WatchGuard Fw

Resolved! How to control global protect resources access by username

Hi

I want to control access to resources "for users connecting through global protect" by username level.

How to do this?

And which is better assign the tunnel interface to a new zone or to the trust-zone?

Thanks

Resolved! Palo Alto Routing Issue (Forwarding Table)

Hello Everybody,

I have several PAs for branches, we have MPLS that is connecting all our branches. We are changing our design in order to use site-to-site IPsec tunnels from each branch to the HQ. And using OSPF in our tunnel to advertise our subnet

Resolved! SSL VPN and IPSEC VPN sessions perpormance

Dear 

Any one know the SSL VPN and IPSEC VPN sessions limit  in all of the PAN platfrom model . if yes please help to give me a list about that.

Thank you so much

Resolved! Monitor Traffic Searching for Dst Subnet

I frequently use the ( addr.dst in 10.211.2.94 ) query type to search traffic in the Monitor tab of the PAN gui.  

What if I was looking for any host in the 10.211.2.0/24 subnet? Is there way to have the equivilent of

( addr.dst in 67.211.2.0/24 ) or 

Resolved! LACP from Palo 3020 Active - Passive to Cisco switch

Hi All

After some help from the Guru's.

I am trying to configure LACP between PA 3020 Active / Passive and cisco switch.

I have created the AE group interface Inside with the ip address.

I have added 2 interfaces to the AE Group on each FW.

I have create

Resolved! Disk usage for / exceeds limit, 95 percent in use, cleaning filesystem

Hello,

Since upgrading PA-200 to 8.0, we’re having disk space issue more often.

It seems to be due to excess logging, which we clear up.
Is there a way to automatically clear these logs once the disk hits a lower threshold?

Thanks in advance.

Resolved! MineMeld CentOS/Docker Stability

What is the current standing of the MineMeld CentOS docker deployment model?

The latest post I have seen from @lmori (29/11/2016) is that it is "quite stable now and supported".

Could we get an update on PA's current stance on this deployment mod

Resolved! Any Packet Lost when Changeing Interface Type from HA to Aggregate (of HA type)

We have an Active/Active PA-5050's in production with HA3 running on a single ethernet (1GB).

I need to know if there will be any packet lost (HA packet forwarding) if I change this interface from HA type to AE type/AE group (e.g. ae8). Considering t