About LCMember4427

Hi, We have a VM-100 running under VMWare vSphere 7 on a brand new Dell R640 host.  However its datastore (with its VM files and folders) are located in a iSCSI SAN where the controller is starting to get flakey. Hence I would like to either clone OR migrate its datastore folder to the R640's internal datastore so I can remedy the SAN controller problem. My question is:  If I switch off the VM-100, can I clone its datastore folder to the R640 internal's drive and restart it from the cloned folder copy without risking that the VM-100 license gets invalidated?   If yes, what is an absolutely bulletproof procedure to move a VM-100's datastore folder?  I only have a very small timeframe to do this in, so I just need to be sure to get it up and running again safely with no hassles.... Thanks for comments Tor   ... View more

Hi, This is a boarding school situation.  By mutual agreement we close internet access to the dorms from midnight to 6AM.  Several years ago we tried to control the DormsNetZone rules by a schedule.  However as this didn't kill the active sessions it was of little use for us.  Now we interrupt the AC power to the DormsNet distribution switch to achieve a complete closedown of this network zone.   However it would be far more elegant and not so brutal to control this with our VM-100 features.   I can set a schedule from midnight to 6AM on the rules and do a "clear session all filter from DormsNetZone" from CLI but the latter must be done manually as I'm aware of no cron features in the CLI...   I assume that it would be no use to create a scheduled DENY ALL rule from DormsNetZone to UnTrust during the nights either.... Any suggestion on how to automatically 'disable an interface' in PanOS governed by a schedule is highly appreciated  🙂     ... View more

Hi, Recently we upgraded our VM-100 fw from v9 to v10 and apart from the yellow login wallpaper there was not much visual changes after the transition.  Everything is running as smoothly as before, except an issue with SNMP traffic statistics.   We extract interface traffic statistics from our VM-100 via SNMP to a Cacti OVA appliance so we easily can monitor throughput graphs from every interface in the FW.  After the upgrade these graphs were populated as before EXCEPT for the WAN/Untrust interface.  It reports only 100-400 kbits/s instead of 300-400 MBits/s as it did before.  We have not changed anyhting neither in Cacti nor the VM-100 interface settings.  And all the other VM-100 (non-WAN) interfaces are displaying traffic in MBits/sec as expected.   I have checked the upgrade issues but not found anything which can cause different SNMP statistics reporting from the WAN interface compared to the other interfaces.  Anyone here who have an idea why we are experiencing this order of magnitude change in the WAN interface's SNMP statistics after upgrading to v10?  Is it somehow only reporting some special traffic and not the interface's global throughput?   Thanks for any help and comment! ... View more

Hi We have had a VM-100 under VMWare 6.5 ESXi on a 32Gb Dell PowerEdge 2950 for a few years now.  We serve a 250 students' high school with dorms so the FW works around the clock...  Throughput has been ok with few complaints, but when I checked the monitoring on the VM this morning I saw that CPU load was alarmingly high.  See screenshot below. My impression has been that the good ol' 2950 coped relatively nice but after having seen this I think it's time for an upgrade.  What do you think..?   What do you suggest as suitable new hardware for our VM-100 with 400Mbit/s fiber access and 300 users..?  I dont want to buy a lot more CPU than the VM-100 in this scenario actually requires.  So which CPUs and amount of memory should give us most bang for the bucks?   Thanks a lot for comments 🙂   ... View more

We find that an increasingly number of students never get the captive portal auth dialog popping up once we switch on CP (when we are having a test or exam) for their subnet.  The dialog pops up as expected for most of the students, but there are always a significant bunch that somehow never get the chance to authenticate, hence the FW classifies them as 'uknown users' and let them pass by our restrictive traffic rules.   All computers are non-domain and from we started using PA-500 8 years ago this setup worked without any problem.  Now we are using a VM-100 (currently on the latest v8).  It seems that the number of non-authenticated clients augments little by little, but the problem don't seem to affect the same users each time we switch on CP.   The user computers may have been in hibernation from before CP was switched on and / or they may have any browser open at the moment we switch on CP.  However I thought that any http or https request issued after CP had been switched on would trigger the CP auth dialog to pop up, but apparently this is not the case.   I have also tried issuing a 'clear session all filter from <class-zone>' but that does not help either.   I am at a loss where to start tracking down this.  Please pop in with tips or info on what mechanisms are triggered both on the fw and on the client computers when CP is switched on and where / what to test for in this case...   It seems to me that something like this would be nice:  while unknown/unauthenticated users exist when CP is active then kick up the CP auth dialog for each of them 🙂   Thanks in advance for help on this 🙂   ... View more