This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Cookie Policy. Click Preferences to customize your cookie settings.
About pantac
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- LIVEcommunity
- About pantac
08-18-2015
31Posts
9Likes
5Solutions
Aug 18, 2015Last Visited
User
Activity
User
Profile
Latest posts by pantac
| Subject | Views | Posted |
|---|---|---|
| 2177 | 12-02-2010 08:12 PM | |
| 3749 | 12-01-2010 09:29 AM | |
| 2108 | 11-24-2010 07:57 AM | |
| 2894 | 11-10-2010 07:27 AM | |
| 2894 | 11-10-2010 06:40 AM |
My Liked Posts
| Subject | Likes | Posted |
|---|---|---|
| 1 Like | 12-01-2010 09:29 AM | |
| 1 Like | 10-11-2010 07:20 PM | |
| 1 Like | 07-20-2010 06:10 PM | |
| 1 Like | 12-02-2010 08:12 PM | |
| 1 Like | 11-24-2010 07:57 AM |
User Badges
Community Statistics
| Member Since | 07-28-2009 12:24 AM |
| Date Last Visited | 08-18-2015 09:06 AM |
| Posts | 31 |
| Total Likes Received | 9 |
11-08-2010
09:03 AM
The first thing I would check is that the Interface speeds match to the device they are plugged into. If the PAN plugs into a switch, and the interfaces on teh switch are froce to 100Mb/Full. Make sure teh PAN is configured the same way. If the switch interfaces are set Auto/Auto, configure the PAN the same way. Some relevant commands to run via CLI: show system statistics - shows total bandwidth passing through the PAN show running resource-monitor - shows data plane CPU usgae at different time intervals show system resources - shows management plane CPU usage Do you have QOS enabled? What application is the PAN detecting this traffic as? On a related note, only apply url filter to outbound internet traffic. Do not apply URL filtering on your own internal servers. If you continue to have problems you should contact support.
... View more
11-02-2010
07:47 AM
1 Kudo
no. this is an invalid configuration and will fail to commit (the commit process does some checking for invalid configuration settings, marks this as invalid and gives a configuration error). e.g. Logical interface ethernet1/7.2 configured with tag value 2000. No two logical intefaces can have same tag value. Logical interface ethernet1/7.5 configured with tag value 2000. No two logical intefaces can have same tag value. Configuration is invalid
... View more
10-20-2010
05:26 PM
Zone protection is mostly for setting traffic limits and thresholds. Syn flood: Alert threshold = X Packets Per Second Activate threshold = PPS Action = Random drop or SYN Cookie ICMP flood Alert Threshod = PPS Activate threshold = PPS UDP and Other IP flood, same as ICMP flood. It also allows Port scan and IP scan thresholds to stop dropping packets after X scans in Y seconds. Zone protection does not detect coss site scripting or SQL injection or any HTTP based attacks. Steve Krall
... View more
10-20-2010
11:44 AM
I assume you are using a pool NAT, where multiple internal systems are NATed behind a single external NAT. In this situation the XBOX NAT test will come back as strict. This is normal and the XBOX should still work and users should still be able to connect and play games. You shouldn't need the inbound ports open, because the PAN should detect the XBOX traffic and be able to handle the return traffic gracefully. You're outbound policy should allow the XBOX live application out. In the service column you should either be using application default or any. You might want to create a specific policy allowing XBOX application only. As a test you might try configuring a static (one-to-one) NAT for a device and see if this improves things. What game are they having trouble with? If you still have problems you should open a support case.
... View more
10-14-2010
09:53 PM
1 Kudo
An Application Blocked override page is not avaialble at this time. Pleaes contact your local SE if you would like to set up a feature request.
... View more
LEGAL NOTICES
Copyright 2007 - 2023 - Palo Alto Networks