General Topics

SSL Interception and CDNs

Looking for your guy's feedback on potential issues you've seen with SSL Interception and CDNs?  I know there's a potential for thick clients like Dropbox to break if you crack SSL for the domains used there.  Are there any other concerns to keep in

Withdraw mesage source

Hi everyone,

I am currently working on connecting MineMeld with our SIEM solution. I however ran into a question.

When receiving an update message it states which sources the IOC originated from, also if there are multiple. example: (binarydefense an

PA-200 and ARP

I have a duplicate arp entry in a PA-200 I cannot get rid of. I have no clue where it is coming from. Its not HA just a standalone 200 on a single /24. I have looked at every device on the network and I cant figure it out. Any suggestions?

Replacement PA-500

Does anyone know where I can buy a replacement PA-500? I have one that failed on Saturday (won't power on) and PA Support is dragging its feet on approving a replacement. They said:

I have submitted the RMA request and you are entitled to next busine

Panorama ISP redundancy

Hey

I have a situation that my main site has 2 ISPs i configured the remote PA to talk with panorama thought the External Interface in order to maintain connectivity even if i have problems with the internal network on the remote site.

I would like t

PAN-5060 Fans running at Full Speed

My 5060 fans are running at full speed at all times. I attempted to run the follow command "set system setting fan-mode auto" in Operation and Configure mode and it will not work. Getting the "invalid syntax" error.

Any thoughts???

DHCP Relay source Interface

Hi all,

We're having some difficulties with DHCP Relay on PA 7.0.5.  Our setup looks like this:

 Client <-> L2 SW <-> PA <-> L3 SW <-> DHCP Server

We use a VLAN sub-interface on the PA as the default gateway for that subnet and I configured DHCP Relay

mismatch of static-ip source translation address range between original address and translated addre

getting  error mismatch of static-ip source translation address range between original address and translated address 

Error failed to parse nat policy

NAT Policy is

SRC Zone : Outside

DST Zone : Outside

Original Packet : SRC address - Public IPs

Origina

Question about application group and custom service group

Hi All, 

First off I appologize if this question has been answered before.

I have a question regarding the use of application groups and custom service groups in the same security policy. Can traffic identified in the application group use a non stand

Warning on commit new config - anyone recognise the cause?

Folks.

I made a rule change this morning - first one in a while (fairly static environment of late) - and when committing, got the following warning

Error: Invalid id 6 for os WindowsUWP.(Module: useridd)

Anyone recognise this/know the cause/know wha

Cannot enter "Maint" at boot via cli

All,

somehow I lost connection to my PA-200. Im trying to do a factory reset on it and I am not able to enter 'maint" during boot via console.  I am using putty .  When I try, it just keeps loading the kernal.  is there a way to pause to enter "maint