Multiple GlobalProtect gateways on same firewall- ASA to Palo migration

Hello there,

I am working on a migration- ASA to Palo. ASA has muliple remote access vpn's setup - all terminating on outside interface ip address. For example, a RA vpn for employees - authenticating against AD, another for contractors- user accou

Can't Block Youtube on PAN 7.1.0

Hi Team,

I user PAN OS 7.1.0 and now i CAN'T block youtube although i try using both application and url to block.

1, Block by Application

I created a rule to block YouTube-base

I still view video on youtube normal 

In log traffic, i see P

Release notes

Is there a good way to review you firewall against the release notes of the upgrades that you are considering? I have been reading them and in order to avoid issues moving to 7.06 (TACS recommended most stable version) I should do an intermediate of

PA-200 - Passing traffic through multiple ISP links

I have a Palo Alto PA-200 and the setup I'm trying to configure is as below.

• I'm using "Fiber1" and "Fiber2" for Internet purpose. These 2 links are connected to firewall via a trunk port.
• The ADSL links and the "LankaCom" link in the right ar

Native RADIUS accounting, a welcome feature

This week i was asked to configure radius accounting as a source for user-ip mapping. I was very surprised to see that this is not nativly supported. In lots of ways it is the one of the nicer ways to be able to get user-ip mappings. And as other ven

Getting Started: Layer 2 Interfaces

I have installed a VM-100 and was able to configure the management interface. When I go under the network tab all interfaces are showing as down. How do I get an interface to go into an up state?

Unexpected proxy ARP from NAT policy

Hi there,

I had an interesting go round with PAN support involving proxy ARP and source NAT.   Background: I don’t use the PAN for public ingress/egress traffic, for me it is for internal DMZs only.  As such, I’ve not had the opportunity to utilize

Licensing Costs

Hello Community,

Can someone give me a general guide as to license costs. For example, if I wanted purchase, URL Filtering license or Antivirus or Anti-spyware license for a year, how much would that cost me as an individual as opposed to a corpora

PCAPS in Sub-interface

Hi Guys,

Can PA do packet capture in Sub-interfaces? 

Thanks in advance!

Global Protect's lack of connection profiles is making everyone at my company very sad

We're in a situation where we have mutliple PA firewalls deployed and many of them have their own GP SSL VPN set up (e.g. Manangement range, lab, severeal different customer "islands").  The lack of "connection profiles" within the GP Client is a rea