DSRI on IPSec/VPN traffic

We have a rule allowing VPN traffic (IPSec) from our Guest environment. This traffic is non-decryptable. We would like to reduce CPU by disabling Server Response Inspection for this traffic? Do we lose anything from a security perspective if we do so

Port Forwarding Problem

This should be fairly simple but am at wits end.  

I need to forward 2 ports from an external IP to an internal private ip (Ports 8088 and 22).  I found this article and am following its example:  https://nubisnovem.com/pinning-a-hole-in-palo-alto/

Auto reconnect Global Protect

Hello Everyone

There are some branch offices which have slow internet connection.Sometimes because of no internet connection for 5-10 seconds Global protect disconnect.Is there any option to automatically reconnect global protect?

Global protect for multiple customer in same vsys

Hello Team,

We want to deploy globalprotect  ssl vpn for multiple customer on same vsys.

Is this possible an dif yes any licensing required

NAT configuration for a Networks (Not) Connected to the Firewall

Hello!

This is the scenario and configuration that works on 8.0.3. It is implemented in our company.

Servers on public_dmz have public addresses and access Internet with that addresses. Only server with address 2.2.2.10 needs to be translated to 3.

What is fips-gated?

can't find a definition for the setting fips-gated = true, what is fips-gated?

Panorama having issue after after export the tech support via webgui

Hi , 

I am having the issue after export to tech support file . there was some chnage after that , when commit getting  the error 

"Operation Commit
Result Failed

DetailsThis config has been sanitized of password data because it was exported by a non-su

Applying differing inbound QoS profiles in a dual-ISP failover setup?

Hi-

I need to configure a dual-ISP failover setup as described in the following article:

https://live.paloaltonetworks.com/t5/Configuration-Articles/How-to-Configure-a-Palo-Alto-Networks-Firewall-with-Dual-ISPs/ta-p/59774

However, I have a couple of

Palo alto passive link shutdown mode drawaback and auto mode advantage

Hi All,

I want to know Palo alto passive link shutdown mode drawaback and auto mode advantage.

Is the any issue to confiigure passive link in shutdown mode

Brute force attack

The PA showed one of the pc's on my network was the source of brute force attack to the Netherlands so I blocked it. Anyone have any ideas what needs to be done to remediate the issues on the PC?

EDL for Office 365 DoD Tenant

I installed Minemeld and found the office365-config.yml file to import in order to build my External Dynamic Lists. Unfortunately, we are not using the commercial tenant for O365, so I'm wondering if anybody knows of a different file that you can dow

[Install Error] Ubuntu 16.04 - No repository field

Hello,

I'm trying to install Minemeld on Ubuntu 16.04.

https://github.com/PaloAltoNetworks/minemeld-ansible

I receive the following fatal error during the npm install:

TASK [minemeld : npm insta