Multiple DHCP Servers on one interface?

Hi everyone,

The proposed network layout is the following:

We have three seperate networks connected via a layer three device to a Palo Alto Box (the black Server in the picture). Can the Palo Alto be a DHCP server for the three seperate networks, if i

Migration Tool 2.1 Generate XML Fail

I have the 2.1 tool and did an error check then went to generate an XML file and get Push Configuration failed for PANOS and or Panorama

Global Protect Satellite reconnect via API

Running PANOS 6.0.2

I'm trying to use the XML API to reconnect a Global Protect Satellite to the gateway but getting:

<response status="error" code="400">
<result>
<msg>Unsupported command.</msg>
</result>
</response>

My API call is:

https://192.168.19.10/ap

Current method for requesting Application updates?

Hi there,

   So far, I haven't been able to find the correct method to submit packet captures to Palo Alto Networks for unknown applications. In my case, I'd like to post some captures for updates to the Bloomberg Professional software, but the email

Query Palo Alto Firewall PA-5020 using Firemon

Hi

I am working on integrating Firemon with Palo Alto and need to query the Palo Alto for zones. Here's what I am trying to do.

Problem statement: I want to write a query that would give me the list of firewall rules with ("any" in "Destination zone"

Custom APP-ID for SMTP traffic

I have a request to forward all incoming emails attachments to Wildfire cloud, but not for all users. we need to exclude some users.

I think this can be achieved with custom SMTP application to match destination email address.

How to search for rules with Security Profiles?

I have a pair of Palo Alto firewalls containing 1500+ rules and running PAN-OS 4.1.9. Both firewalls are running in HA and are managed by Panorama. Some of those rules are having Security Profiles configured and the majority doesn't. Is there a way t

Custom APP-ID

I have deployed a new application on our network and found that this application has some communications that take place on TCP-2000. Noramlly this port is used by cisco-sccp. The data that is being passed is not a normal "cisco-sccp" protocal traffi

Deploy custom signature using XML API

I'm trying to deploy custom signatures using the XML API which gives me the following error:

<response status="error" code="12"><msg><line>Object cannot be overridden</line></msg></response>

This was after I was trying to use action=set which gave the

Block - Ask toolbar

Any plan to block "Ask toolbar"?

Regards,

Moorthy

Chromebooks

We are a school district with a growing number of Chromebooks.  We are having problems identifying what student is on the Chromebook.  We have a work around right now (Captive Portal), but it relies on the student shutting down the Chromebook when th

USER-ID Settings: Why is the "User Identification Timeout" a global setting

Hi,

i use a syslog collector to receive ip-user-mappings from an Juniper Secure Access Gateway.

It works quite fine, i created a custom syslog filter on my paloalto and created the correspondig Server Monitor entry for my Juniper Systems.

a simple "show

Unexpected behavior when deleting address-group member using XML API

Hello.

We are using XML API to create or delete address and address-group.

When I deleted address-group member using XML API, address-group member was deleted even if there is another member. (It had just one address member)

As you know, we can't delete

When will the msrdp AppID be udpated for UDP 3389?

Hi:

MS RDP v8.0+ (comes with Windows 8 & Server 2012) uses UDP 3389 for RDP in addition to TCP.  Furthermore, it also tries UDP first (this may be with v8.1 - can't remember).

I know I can workaround it - I just want to know when will the AppID itself