Palo Alto as a DNS Server

I have a very small network without a DNS server and I'd like to if possible use a PA200 as a DNS server.  I want to try to create static DNS entries for a few hosts on the PA, then point those hosts to the PA as their DNS server.  Does this work?  A

Scheduled a reboot of managed firewalls (tasks) from Panorama

Hello everyone,

I want to know if is possible to ask Palo Alto to add this feature to Panorama, we have 100+ firewalls at branch offices, when we applied a software upgrade for example 6.0 - 7.0 it always ask for a reboot to apply the new version (In

scp export with unexported-only option

Hi,

I would like to know how to use the unexported-only feature with this command:

scp export log traffic to user@ip:/path/test.csv start-time equal 2016/08/14@00:00:00 end-time equal 2016/08/14@23:59:59

Also is it possible to invoke it through the API

Static Routes not Working

I have a network with in my network that I am trying to control access with user-id in the palo alto.  Before I can do this I need to get routing working.  The routing works just fine up to the palo alto in my test environment.  Each interface can ta

Traps Host Information

Hi,

Are there any plans to include IP addresses in the logs emitted from the Traps ESM server? Currently only the system hostname appear to be in the logs, per documenation. IP addresses could be useful for querying against flow, pcaps, etc.

Thanks!

J

application not working.

I had a customer connecting to an application from trust to untrust. It was working and then suddenly stopped working.

I could see in the logs it was coming as port 443 and application -incomplete and then next day it started working with port 443 and

about mtu

Hello all,

There is a problem with a smb traffic(very very slow)

For the related source and dest. ip address 2 filter is configured and show counter output has :

flow_fwd_mtu_exceeded 9 3 info flow forward Packets lengths exceeded MTU
flow_ipfrag_frag

Track down when a new appid is added and appid updated?

Hello,

Trying to find out when enhanced-file-transfer appid signature is introducted.  Look at the applipadia, there was no date assoicated, or on the firewall.   Other than scanning all the appid update release note.  What is the easiest way to find

MIB Value for Zone count

Hey all,

I've been digging around and just can't seem to find the answer to this so I'll ask here. I'd like know if there is an OID MIB value to the number of Zones currently configured on any particular firewall. I've browsed/search this OID: 1.3.6.

GlobalProtect - Client Certificates Deployment

Greetings,

I have used the following article to distribute client certificates for GlobalProtect:

https://live.paloaltonetworks.com/t5/Configuration-Articles/How-to-Issue-Certificates-to-GlobalProtect-Devices/ta-p/53642

My understanding is that with

QoS and interfaces - some conception advice needed

Hello

I will migrate fom PA200 to PA500. I have some local networks (DMZ, Wifi for students, Wifi for stuff, LANs)

I need to use QoS but I need some advice with that.

I know that I can controll only on outgoing interfaces but I have no idea how to get