如上面所说,当流量跳过防火墙是连接同一台交换机,状态正常,专线网络,没有做nat,会话保持时间也是默认的3600,尝试过override 策略,流量也匹配正常,但是情况还在,抓包分析,流量建立了三次握手以后,后续会出现超时的流量,网络层是正常的,不明白会有超时的数据,有人碰到过吗,有什么解决建议。
We are facing issues with migration from Cisco Meraki MX 67 to PA 850
Hey all,
Recently step-upgraded Panorama from 9.1.14-h4 to 10.2.4-h4. No issues upgrading Panorama. This panorama manages 180+ remote site firewalls. Ever since the upgrade we have *a few* remote site firewalls that are failing to commit properly in 2
Anyone facing the same issue like us, PAN OS 10.2.3-h4, SSH CLI session got disconnected after we login as user AD auth (User Authentication Successful). Is it bug not yet reported?
Hello Guys,
I am new on the Palo Alto Environment, i work a lot with Fortinet.
So in the Fortinet "world" i can register an account like a customer and require for try some of their products, like FortiEMS, FortiOS VM, FortiAnalyzer Etc, all of this
...
Unable to commit after upgrade from 9.x.x to 11.x.x
while commit the error message is below
Hi experts,
Palo alto qos is my first time.
So i have a task to limit maximum bw for youtube in my company is just 10 MB.
Can i assume to config :
guarantee bw : 0
max bw : 10
I assume with that config, i didn't reserved any bw for youtube but
...
Hello,
I'm trying to configure a site-to-site vpn with between two organizations.
Our internal IP range is conflicting with the other organization network, so we are trying implement Source and Destination NAT
The VPN tunnel is up, but I'm str
...
Dear all,
I'm trying to set up our link monitor configuration in our 440, and I ran into a problem. Each of our physical interfaces has many subinterfaces and I only want to monitor a few of those, but when I want to form a new Link Group it doesn't a
Good Day to All,
I have a Firewall PA 5220 running on A/A setup.
Initially it is running on 8.1.4 version and just recently we have upgraded to 9.1.16 version.
Since 9.1.16 version will be EOS by Dec 13, 2023 we plan to upgrade it to 10.2 vers
...
Hi,
We are running on a setup today where the client connects through L2TP to a Mikrotik-router and then connects with OpenVPN to the next environment.
Just now we are switchning to PA440 and GlobalProtect VPN IPSec instead of L2TP, and we have a
...
Hello, we have a service that runs when we build servers that will tag the servers being created with its tag and ip information via the rest api. We're trying to migrate to a new vsys, from L2 to a L3 vsys and when we added the new vsys to panorama
...
hi
I would like to know if the PA-5430 HA1 Interface supports 10G.
The datasheet says 1G.
"1G SFP high availability (2), 40G QSFP+ high availability (1),"
It is listed as 1G/10G on the PA-5400 Series Front Panel page.
Two SFP+ 1Gbps/10Gbps ports for
Hi,
I need assistance replacing a firewall cluster PA-5050 and standalone panorama by a firewall cluster PA-3420 and a cluster panorama.
Actually the firewall cluster PA-5050 and standalone panorama are in production. The templates network is manag
...
BPry
on:
Custom URL Category Not working Properly
OtakarKlier
on:
4-Node Cluster (2x Active/Active) and "orphaned" zone
S.Cantwell
on:
RMA detail
BPry
on:
Palo Alto Mock server for API testing
