Hello Everyone,
Recently I have faced an issue where Xbox Live fails to connect or more specific, fails to 'authorise' when decryption is enabled.
Looking into this further it seems that Xbox Live connects to similar services that Windows uses fo
...
Hi
We're running 4.0.1 in a test environment. We have a large Checkpoint rulebase that we will export. It ideally needs a rule tidy up to remove unused rules and objects.
Can someone describe how the "Highlight Unused Rules" tick box option on the pol
...
Hello,
As you may know, PA HA is per physical boxes only. If you have 2 boxes running virtual systems and you want to have HA, you can't have VSYS1 on box1 active and VSYS2 on box1 standby. Box1 must be active on all VSYS on it or Standby on all VSY
...
Has anyone done a successful deployment with Cisco endpoints, Cisco Jabber or Skype for Business with BlueJeans video bridging? We are having issues when someone starts a presentation the video is on one screen and works fine but the second screen wh
...
Our firewall is setup to export Netflow data to Nagios Network Analyzer. We need to know:
a) How often is data exported from the Palo Alto to the NNA collector, and
b) How large are the packets sent from the Palo to the collector
Any ideas on
...
Hi,
We have Cisco ACS which authenticates our wireless users(mobile phones,laptops).How can i configure Palo Alto and Cisco ACS to collect User-IP mapping? PA version 7.0.3 , ACS version 5.7
I have a couple of Nintendo consoles on the network which would like to connect for online gaming.
I am on a cable connection so am using Dyndns lookup for my external-IP.
I have the following Bi-Directional NAT policies configured.
Applicati
...
Hi,
I want to decrypt Dropbox but it doesn't work. I have a catch-all decrypt policy that decrypts any-any SSL. It works fine except for Dropbox. My understanding is that Dropbox is on the PanOS internal exception list so decryption is supposed to be
...
Currently for Global Protect we route all traffic through the firewall. Is there a way we can add IP’s to the routing table for GP clients only? For instance, add GoToMeeting IPs and have all that traffic go out the Internet. Is this possible?
Has anyone looked into doing any QOS for the PARCC assesment testing? Right now I'm not doing any QOS on our 5050, but think it would be a good idea to do something so the testing gets priority over some staff member watching Netflix during their bre
...
I have a pa 3020 running 6.0.8 doing LDAP lookups to multiple edir servers,
I have many users that PA shows as unknown but when I look on the server I see they are logged in x.x.x.x
Why does this work for some but not all?
I have done the followi
...
With PA-200 there is a command similar to:
set system setting fan-mode auto
in order to throttle the onboard fan(s) so it doesnt rev up to max rpm and stays there as it normally might do.
But this command doesnt seem to exist for the PA-500 ser
...
How are dedicated M series log collectors licensed. We are planning a deployment with two M-100 appliances in an HA configuration. If we add a third M-100 as a dedicated log collector, do we need a third license for Panorama?
Hello,
I am trying to configure to 2 PA to share their user-id data.
I used the following guide: https://www.paloaltonetworks.com/documentation/60/pan-os/pan-os/user-id/configure-a-firewall-to-share-user-mapping-data-with-other-firewalls.html#61291
...
When we generate a UAR (Using Monitor/PDF Reports/User Activity Report) on Panorama for a particular managed firewall, we do not get any broswing summary sections in the report. If the same report is run on the firewall itself, we do get that infor
...
TomYoung
on:
Can you have an interface with an SFP in receive only mode?
reaper
on:
VM-50 discontinued?
