Intra Traffic between hosts of isloated vlan

Hello,

We have two host part of same zone [vlan] but set up as isolated VLAN on switch.

The uplink of switch is connected to FW Zone.

And I am wondering whether a pre or post is necessary to allow intra traffic between these two hosts living in a iso

Global Protect with Entrust Radius Server

Has anyone ever worked with integration Palo alto firewall with Entrust Radius server for authentication users for Global Protect? I have a few questions.

US Government / DoD Conttract

Is there a mechanism to add purchased devices to a pre-existing government contract?  I would assume PA runs a DoD contract similar to Cisco, wherein devices used by the DoD can be added to a contract vehicle of some sort to receive software/hardware

PaloAlto Firewall Vsys

Dears

i have an 2 no's of physical PAN in HA and in multiple vsys that are splited as an internet firewall and DC Firewall,  can i know the disadvantages for the same. can i know the firewall resources are shared example CPU, RAM, if an CPU or RAM co

How to create Custom Application Signature to identify WebRTC Application with Cisco Meeting Server

A Custom App-ID allows you to do two things:

1. Create pattern-based signatures for traffic that doesn't match any of the pre-defined application signatures.
2. Create a Custom Application for use in an Application Override Policy to override a pre-define

PBF Rule Monitoring - Forced egress i/f?

I have a dual ISP configuration.  ethernet1/1 is primary Internet.  ethernet1/2 is backup wireless Internet (phone or dedicated hot spot as needed).  ethernet1/2 is connected to an old Linksys router running DD-WRT and it automatically connects to my

Traffic Log - What's the difference between the "Type" field and the "action" field

While investigating and navigating in the Traffic Log, I noticed for some traffic the Type is Drop and the Action is Deny, While in some traffic, the Type is Deny and the Action is Reset Both.

The Security Policy Rule is configured with the Deny

Internet is not reachable

Hi We have a pa-850 in our site and the issue is when i try to ping isp side ip , i am able to get ping  response. 

But when i use command ping source <eth1/1 ip configured with isp range usable ip>  host google.com

i am not able to get  any  respons

How to Disable Auto Commit in Firewall

Is there any way to stop Auto-Commit?

I am facing issues with one of my Palo Alto Firewall where Auto Commit keeps failing and starting again & again.

Due to BUG, it's happening, and solution is to upgrade or downgrade to another release.

Whenever

PA-3200 Series & PA-3440 QSFP port Difference

Hello.
There are 4 QSFP+ ports of 3200 Series.
There are two QSFP+ ports of PA-3440.
QSFP port decreased as new series came out, and I wonder why.
If you know, please reply.
Thank you.

restoring an NGFW from factory default

Good day to Palo Alto LIVE Community,

What are the steps / procedures for "resurrecting" a dead Palo Alto firewall?

We have a previously-working Palo Alto firewall that eventually needed to be set to factory default settings. (since its console p

PA-220 OID Power and FAN

Hello team,

i have a PA-220 with PANOS 10.1.x and I would monitor FAN and power supply status via snmp.

What are the oids for monitoring these components?

Thanks for the support

BR