Different DHCP Subnets on same Interface

Hello everyone,

one of my customer has the following specific requirement.

PA500 version 7.1.0

Inside Interface IP: 10.0.1.1/24

Firewall should act as DHCP Server and assign IP Addresses in the following Scopes only via inside interface.

Scope: LAN De

Two Subnets For Two Group Of People

Hi,

Can one help me how to configure two groups of people that use GP as a VPN client?

let say I have user 1-5 needs to access my inside firewall with subnet 192.168.1.0/24

and I have users 6-10 needs to access my inside and couple of the IPsec tunnel t

PAN-DB cloud list loading failed

I've been getting alerts from all my PAN firewalls starting last night at 8:51pm EDT that they can't connect to the PAN cloud to update the PAN-DB URL database.

Anyone else seeing the same or a similar issue?

Issue when loading from AWS Marketplace Palo Alto VM-Series

Hi,

When loading the AMI from AWS Marketplace, I get the following error when the machine tries to boot:

Enter 'maint' for boot menu.

Booting PANOS (sysroot0) after 5 seconds...

Booting 'PANOS (sysroot0)' root (hd0,1) Filesystem type is ext2fs, partiti

Allow a single URL in a URL filtering policy

Good morning All,

I have been playing with PA frewalls for a while now but can't seem to find and answer on this.

Is it possible to block all URLS in the block list and then have an allow for one or two allowed URLs (for a public use computer)

I was

LDAP servers for fault tolerance only?

Dear community,

I am struggling around with a though I cant find an answer for. I every documentation I found they state that additional LDAP server are for fault tollerance only. Imagine the follwing setup:

A customer is loadbalancing user authentic

Upgrade to 7.1.4 OS , Any specific issue

We are Planning to upgrade our firewall from 6.1.10 to 7.1.4 , has anyone faced any specific issue with 7.1.4 ?

Thanks in Advance.

Session timeout

Hi,

From reading this article below:

Connection Timeout Even When Heartbeat Packet Sent

https://live.paloaltonetworks.com/t5/Management-Articles/Connection-Timeout-Even-When-Heartbeat-Packet-Sent/ta-p/61435

It says "The session timeout is set to 60 mi

Apply QoS for uploading

Hi,

I have the scenario  , user wants upload or stream to outside the campus.

Pa in virtual wire mode  and  after pa there is ASA firewall , 

How can I makesure the streaming or uploading is not interuptted by other traffic 

Thanks

IOCs. How can one create custom type?

Hello,

The last couple of days I`m enjoying myself with the minemeld engine and I find it astonishing. I managed to create dynamic feeds from RIPE archives for some geolocation EDLs, will soon post them by the way. 

However, I would love to be ab

Traffic from PAN IP adresses

We are getting a lot of traffic on our website from certain IP-addresses registered to Palo Alto Networks.

The addresses are

74.217.90.250,

154.59.123.106,

154.59.126.106,

70.42.131.106

and several addresses on the 64.74.215.0/24 subnet.

Why do we get al

Creating an isolated dev environment, is it possible with the PA platform?

We have a dev environment on a different domain that we would like to bring in to our domain. There are plenty of reasons, one being we cannot control the patches, updates or dev access to the machines or control internet access to those machines.

Is