Blocking Hexa Protocol (Hexatech VPN)

I just became aware of this yesterday, but we were seeing a rise recently in "unknown-udp" traffic on our Palo Alto Firewalls and have discovered what it was.  The amount of traffic was significant - always used the more bandwidth than anything else

SAML ADFS for GlobalProtect

Hi,

Is someone able to shed some ligh on the below.

1. Can SAML be used to map to an LDAP group, if so is there guidance?
2. Does PAN support using SAML AND prelogon/alwayson with GP?

Thanks

VPN Palo Alto - Microsoft Azure. Slow transfer. Not reaching internet by this tunnel.

Hello,

We are having a annoying issue :S We have configured a tunnel routed-based between PA (7.0.6) to Microsof azure. The tunnel is up but we are detecting several problems. 

1) The transfer speeds are very low, fluctuate and are nothing stable

URL Filtering response pages never appear

Hi, 

My URL filtering response pages never appear, even the default ones.

Is there anything to do to activate them ? I always have the "This site can’t be reached" message with a connection reset.

Thanks

Syslog miner not recieving the syslog messages

HI All,

I have used the below link to configure Syslog miner, but metrics are not showing up in stats.

https://live.paloaltonetworks.com/t5/MineMeld-Articles/Using-the-syslog-Miner/ta-p/77262

I have tried to troubleshoot  using following discussi

Clear Config on new Palo

Good Morning. Is there an easy way to clear out all configuration settings on a new Palo without having to go through the CLI to clear each item individually, or doing the same in the GUI? It is time-consuming to have to go in and delete the default

NAT very slow

PA-3020 Software Version 8.0.4
I have several policies U-Turn Nat and Destination Address Translation in the DMZ
Three times a day the acces to these Policies becomes very slow
If I send a ping to one of these servers the time is very large the 1000 to

Virtual Panorama for Log viewing only

Hi all,

I hope someone already did something like that to answer my question 

We have a virtual Panorama on PAN-OS 8 with a local log collector. On this panorama we manage differdnt firewalls and also store the logs of these firewalls. This panorama

sync issues

My HA pair went into split brain so I rebooted the secondary and now they will not sync

site 2 site with Meraki NAT'd behind ISP router??

We have a remote site connected behind ISP router and Meraki receives 192.168.X.X IP from it, and all networks locally are connected further to Meraki. The main site has public IP directly on the firewall. Not sure how to make configuration work.