About tyler

Ok, I am not surprised in life that an upgrade can go wrong.  Happens on many different technologies.  But I recently had my over $60k PA5220 firewall brick going from 17.x to 18.x.  And that was after getting advice from PA support before doing the upgrade to try and avoid a problem.     It amazes me that there is no reliable factory reset function to allow us a path to recover instead of having to wait up to 24 hours for a replacement which now becomes serious downtime.  There was no bad hardware.  The system upgrade process was so corrupt that all factory reset options would not work.  This seems crazy to me.   The whole point of a factory reset method should override anything that might occur to corrupt the system.  Why can't a true reliable factory reset option not be available?????????????????????????????????????????????????????????????????????????????   I have read that others have faced this same problem.  So this is not a one off.  PA needs some serious engineering modifications to this process.  It can't be in PA's interest to have these experiences either.      Tim   ... View more

  I am on PA 8.0.4.  If I go to ACC -Blocked activity, I can see what we are blocking.  Is it possible to generate a report of unblocked threats?  Potential attacks that get through because of policy rules?   It would be nice to generate not just a general attack report, but a report of potential attacks that my polices are not blocking.     Tim ... View more

  I just upgraded from a 3000 series running 6.x to a 5220 running 8.0.4.   The moment I did this, voice over wifi stopped working for iphones using T-mobile or AT&T.   We can't test against Verizon because they won't default to wifi unless there is no cell coverage.    I know that if I set a policy at the end of my rules for allowing everything to the ip address of the phone, it works.  So I know that policy is affecting it.  But  tech support has not identified any rule that is responsible and truthfully, I really don't think any rule is responsible.  After all, I imported the same rules into the new firewal, so it really should be the same polices as when it worked prior to the upgrade.    I really think this may be a bug wiht 8.0.4.     I would especially like to hear back from others if on iphones, the voice over wifi feature works with 8.x systesms (in particular 8.0.4.     note: other colleges using 7.x say it is just fine for them.  Nobody has an ingress rule to allow it.  Just the egress rule "Allow the rest out" policy for all normal egress traffic.   So according to everyone, I should not need an ingress policy.  So why is it broken in 8.0.4?  I can get it working with an ingress policy, but I don't want to open up these protocols and never had to in the past.  Why is 8.0.4 not working when 6 and 7 do?   I would really like to know what others are experiencing.  Note: androids are not an issue.  This is just iphones to my knowledge.   Tim ... View more