Multi Critera Show Command

One problem I'm running into with the Palo cli is the ability to search the configuration for configuration matching on multiple criteria.  For instance, I'd like to display output showing all disabled security policies that include a description.

I c

Port forward does nt seem to work

HI

imagine this scenario:

Internet 1.1.1.1 PA 2.2.2.1  ----  2.2.2.2 ROUTER 3.3.3.0/24 network

I am forwarding all packets received to 1.1.1.1 https to 2.2.2.2 https which then re-nat to 3.3.3.0/24 host

With a stupid dlink 50$ router instead of the P

Palo Alto 200 Setup for home use

I have been given a PA200 to setup at home to get myself familiar with Palo Alto firewalls.  I have a cable modem and wireless router that will need to be connected to the PA200.  I have followed the instructions on this article to get it setup:

https

Blocking extensions using data filtering

Hello Everyone,

I need help, i'm trying configure the data filtering for block extension with: .cd5, .4zx and .pekey

Someone already managed to configure data filtering this format?

Thanks

VM-300 video

Anyone know of a VM series demo video? Been searching web and couldnt find one.

Tool to help map out your PA configuration

I need to go through my PA and map out the security zones, NAT rules, and so on that have accumulated over the years and I need a tool to help me scrub through the configution and sort out what is going on.  I heard there was a tool called Clikr or C

Palo Alto as a DNS Server

I have a very small network without a DNS server and I'd like to if possible use a PA200 as a DNS server.  I want to try to create static DNS entries for a few hosts on the PA, then point those hosts to the PA as their DNS server.  Does this work?  A

Scheduled a reboot of managed firewalls (tasks) from Panorama

Hello everyone,

I want to know if is possible to ask Palo Alto to add this feature to Panorama, we have 100+ firewalls at branch offices, when we applied a software upgrade for example 6.0 - 7.0 it always ask for a reboot to apply the new version (In

scp export with unexported-only option

Hi,

I would like to know how to use the unexported-only feature with this command:

scp export log traffic to user@ip:/path/test.csv start-time equal 2016/08/14@00:00:00 end-time equal 2016/08/14@23:59:59

Also is it possible to invoke it through the API

Static Routes not Working

I have a network with in my network that I am trying to control access with user-id in the palo alto.  Before I can do this I need to get routing working.  The routing works just fine up to the palo alto in my test environment.  Each interface can ta

application not working.

I had a customer connecting to an application from trust to untrust. It was working and then suddenly stopped working.

I could see in the logs it was coming as port 443 and application -incomplete and then next day it started working with port 443 and

about mtu

Hello all,

There is a problem with a smb traffic(very very slow)

For the related source and dest. ip address 2 filter is configured and show counter output has :

flow_fwd_mtu_exceeded 9 3 info flow forward Packets lengths exceeded MTU
flow_ipfrag_frag