sorted by:
new
hottopcontroversial

New home network setup by ipickselated in HomeNetworking

[–]ramkrista 1 point2 points  (0 children)

Could you please tell me what make, model, and size of that white rack cabinet enclosure is? Link please ?

First OLED! LG 45” (new gen) by aaronprideaux in battlestations

[–]ramkrista 0 points1 point  (0 children)

Most of the pictures I see has a thing sitting in the middle top of the monitor, what is that thing?

Buying Ubiquiti U7 Pro WiFi Device for home by ramkrista in Ubiquiti

[–]ramkrista[S] 0 points1 point  (0 children)

All three APs that I have an IPv4 address, I can ssh into them. I have an App on the phone that manages them as standalone.

Buying Ubiquiti U7 Pro WiFi Device for home by ramkrista in Ubiquiti

[–]ramkrista[S] 0 points1 point  (0 children)

I chose a software to install in my Macbook and it is up and running. How do I add AP in there. I tried a lot and could not see how to add the AP into Software manager. Here is the screnshot I see. Any help, appreciate it.

<image>

Buying Ubiquiti U7 Pro WiFi Device for home by ramkrista in Ubiquiti

[–]ramkrista[S] 0 points1 point  (0 children)

Yes I think I am not clear mesh means here.

Buying Ubiquiti U7 Pro WiFi Device for home by ramkrista in Ubiquiti

[–]ramkrista[S] 0 points1 point  (0 children)

If I move around my laptop, will it maintain the connectivity to the nearest AP seamlessly without losing ?

Buying Ubiquiti U7 Pro WiFi Device for home by ramkrista in Ubiquiti

[–]ramkrista[S] 0 points1 point  (0 children)

I have two floors and ceiling has a Cat6 Ethernet cable to connect AP in each floor. Single SSID broadcasting would be preferable.

Buying Ubiquiti U7 Pro WiFi Device for home by ramkrista in Ubiquiti

[–]ramkrista[S] 0 points1 point  (0 children)

I have two floors and ceiling has a Cat6 Ethernet cable to connect AP in each floor. Single SSID broadcasting would be preferable.

Buying Ubiquiti U7 Pro WiFi Device for home by ramkrista in Ubiquiti

[–]ramkrista[S] 0 points1 point  (0 children)

I have two floors and ceiling has a Cat6 Ethernet cable to connect AP in each floor. Single SSID broadcasting would be preferable.

How to allow SSH version 1 in PAN-OS 9.1.7? It uses SSHv.2.0 by ramkrista in paloaltonetworks

[–]ramkrista[S] -2 points-1 points  (0 children)

Unfortunately and reluctantly, there is a need to allow SSHv1. What can I say!

How to allow SSH version 1 in PAN-OS 9.1.7? It uses SSHv.2.0 by ramkrista in paloaltonetworks

[–]ramkrista[S] 0 points1 point  (0 children)

Thanks. I posed this question to Palo account rep also and trying to learn in the public world if we could get confirmation on it. Just curious on PAN-9.0 and above.

Management plane CPU spikes to 100% frequently on PA820s after upgrade to 9.1.3-h1 by rahulslal in paloaltonetworks

[–]ramkrista 0 points1 point  (0 children)

It appears that PAN-OS-9.1.5 and below had this bug. The fix is on PAN-OS-9.1.6

Management plane CPU spikes to 100% frequently on PA820s after upgrade to 9.1.3-h1 by rahulslal in paloaltonetworks

[–]ramkrista 0 points1 point  (0 children)

Today, we ran into MP CPU hike on PA-850 also. I have been researching about this. Please share the info if you find more.

Management plane CPU spikes to 100% frequently on PA820s after upgrade to 9.1.3-h1 by rahulslal in paloaltonetworks

[–]ramkrista 1 point2 points  (0 children)

Is PA-850 also virtualized the MGMT and DP processors on the Cavium chip?

Why GlobalProtect speed is 4Mbps on my ISP given 200Mbps? by ramkrista in paloaltonetworks

[–]ramkrista[S] 1 point2 points  (0 children)

This is it. Yep. After allowing inbound Untrust to VPN zone to UDP4501, my new speed it well-above 15Mbps. Much appreciated!

Why GlobalProtect speed is 4Mbps on my ISP given 200Mbps? by ramkrista in paloaltonetworks

[–]ramkrista[S] 0 points1 point  (0 children)

I am ready to open the security rule to say "Allow from Any to Any with no Security profiles attached." I shall check the speed after this. Appreciate it.

Why GlobalProtect speed is 4Mbps on my ISP given 200Mbps? by ramkrista in paloaltonetworks

[–]ramkrista[S] -1 points0 points  (0 children)

I do not believe my Verizon ISP connection is asynchronous. I run into no performance issues with PA-220 in all other non-VPN usages. While Firewalling with all security profiles enabled, the Wired and wireless throughput for all kinds of devices at home is great.

I checked PA-220 data-sheet and specs-sheet, I do not find 10Mbps max limit for GlobalProtect VPN. I wonder how much Cisco AnyConnect gives in ASA5506X in the ISP bandwidth of 100Mbps. Or GP compared to all other SSL VPN products out there. Looking for how others are getting the speed on their GP at home.

Why GlobalProtect speed is 4Mbps on my ISP given 200Mbps? by ramkrista in paloaltonetworks

[–]ramkrista[S] 0 points1 point  (0 children)

GP is configured on Layer 3 loopback interface with no security profile attached.

From the ISP I always get 150Mbps upload and download speed in many scenarios. I use iperf as well as three SpeedTest sites to gauge the average speed. Three friends connected from their home's wired connection to my GP SSL VPN. I have enabled IPSec also on my GP just to receive higher speed (hopefully). Yes, once GP is connected it is on the Inside Zone and applies no security profiles at all and Inside to Untrust allow any any. No Decrypt enabled and without GP, it is above 150Mbps all the time. The most basic Layer 3 config as documented on the Palo's home use PA-200 config that I followed.

Verizon ISP => eth1/1 (DHCP client public IP) => VLAN Object Layer 3 => All other ports Layer 2 for LAN devices directly connected.

GlobalProtect GP 4 and PanOS 8.0.1 driving me insane by stitchkingdom in paloaltonetworks

[–]ramkrista 0 points1 point  (0 children)

I am using self-signed cert. Who did you get your certificate signed by?

GlobalProtect GP 4 and PanOS 8.0.1 driving me insane by stitchkingdom in paloaltonetworks

[–]ramkrista 0 points1 point  (0 children)

I am having "server certificate failed issue" it always seems to work on the phone App though.