About minow

How PA decide on user IDs, for example if i have an IP that the user was mapped from UIA, and then a security log in AD map this IP to another user? or a user that loging with global protect through local DB, and then authenticate to AD, and the PA gets a new mapping from the agent ? thanks ... View more

hey how can i see what configuration is still local on the PA device. i have a site in which i move the PA device into panorama, i have chosen to move all the device config into panorama except the HA configuration and individual configuration of each PA, now i have reset one PA configuration and push the config from the panorama, and i get that the configuration is not synchronized (missmatch) i think there is still local configuration on the device that is not configured in my template. thanks for any help ... View more

hey i am trying to analyse if the PA is under load regarding to the PA specs, the customer is having sometimes disconnects on the network, i can see that the CPU have peaks sometimes but mainly is OK netcom@PA-IL-ACTIVE(active)> show running resource-monitor hour Resource monitoring sampling data (per hour): CPU load (%) during last 24 hours: core    0       1       2       3      avg max avg max avg max avg max        0   0   8  24  29  68  29  68        0   0   8  23  28  75  28  75        0   0   7  23  24  61  24  61        0   0   6  19  20  50  20  49        0   0   9  28  29  76  29  77        0   0   6  21  21  64  21  64        0   0   7 100  20 100  20 100        0   0   5  15  16  44  17  44        0   0   6  17  19  59  19  60        0   0   7  26  21  73  21  73        0   0   5  17  18  47  18  46        0   0   5  12  17  40  18  40        0   0   7  16  22  55  22  55        0   0   7  24  21  68  22  69        0   0   7  31  23  80  24  79        0   0   9  26  31  83  31  83        0   0  11  76  36 100  36 100        0   0  10  61  35  94  35  94        0   0  15 100  50 100  51 100        0   0  13  25  45  87  45  87        0   0  11  27  41  83  41  83        0   0  13  33  42  84  42  83        0   0  13  45  46  99  46  99        0   0  12  33  41  83  41  83 The output of this command show system statistics session Is: Device is up : 71 days 23 hours 16 mins 49 sec Packet rate : 7464/s Throughput : 27602 Kbps Total active sessions : 11693 Active TCP sessions : 7649 Active UDP sessions : 3966 Active ICMP sessions : 42 Does this mean that the PA whole throughput is: 27602 Kbps (27 Mbps) So the PA-2050 max threat prevention throughput is 500Mbps so there is no way the PA is under load? Is this the same parameter the one from the command and the one from the datasheet? do you have some scripts that i can run in real time that will show me the relevant output to show what is the utilization of the PA ? thanks dor ... View more

Hey just trying to figure out and play with QOS for understading on how it works for ferther implementaion of QOS policy so my environment is PA-500 with 2 interfaces in VWire ethernet 1/11 - vsys3-untrust ethernet 1/12 - vsys3-trust have my computer connected to vsys3-trust (eth1/12) i have configured 2 QOS profiles one for outbound QOS and one for inbound i have enabled QOS on both of the interfaces as follow because what i learned is that PA only support QOS only on the egress of each interface: now i have configured those polices and played around with them: what i tested is surfing to speedtest.net and check if QOS works only when the first rule ("ANY") was enabled then i could see drawback in the speedtest results (upload and download) on all other i have downloaded in maximum speed, and in the session monitor i could see that the traffic mached to QOS class 4 (as you can see afer enabling rule "Slow Speed Test Download" ... View more