Application Dependencies

Hi all,

First time post.

If you add all the required dependent applications to security policy (e.g. for Skype: msn-base, ssl & web-browsing), does this then allow all of those apps out dependent of if the primary Skype app is being used for that poli

URL Filtering: Can't Block website when user use Google Cache

Hi all,

I want to block a website whe user user google cache or translate.

In the past i tested everything ok, Palo Alto could block when user use google cach or translate.

But today, Palo Alto can't block website when user use google cache ( But can bl

PANGP virtual ethernet adapter missing on windows 7

Hello,

PANGP virtual Ethernet adapter is missing from Windows 7.
I have tried uninstalling and reinstalling GlobalProtect.
I have also tried following this article:
https://live.paloaltonetworks.com/t5/Management-Articles/Error-Failed-to-find-PANGP-virt

Agentless User-ID Question

So I've been under the impression that our PA-3020s contact the ADDC servers to authenticate users every 20 minutes when it's setup to do a probe; then caches this information locally so that it isn't constantly hammering the servers with WMI request

Any guides to setup Global Protect always on(user-logon) when using Radius with RSA ?

We are using a mixed 7.0.x environment for PAN-OS  and are using GP v. 3.0.2 and I want to test out using the always-on(user-logon)  or (pre-logon)  feature with Global Protect so that when our users take their laptops home, they must sign into globa

IPSEC interoperability - PAN-VM-200 to CISCO ASA 5505

Good Day

First - Do you need a IPSEC license for a PAN-VM?

Second - Can I follow the PAN guide for - "IPSEC interoperaability between Palo Alto Firewalls and CISCO ASA"? The reason I ask is the guide show conifguration between a PAN-5060 and a AS

Software versions

Why are for example the software version 7.1.3 (29.6.2016) ready for download and update before 7.0.9 (1.8.2016)? When I look at the Software-option under Device when I am about to update my PA-3020, I get confused when I see for example version 7.1.

Does Global Protect maintain a list of MS patches

Does Global Protect maintain a list of MS patches or does it only look for the patches that you list in the HIP object? If it does maintain a list were can you see the list?

ISP Load balancing with ECMP

I have the Following Scenario on a PA-200

[ISP1]

Zone = Untrust

Eth1/1 = 192.168.7.110/24

Modem GW = 192.168.7.1/24

[ISP2]

Zone= Untrust

Eth1/2 = 192.168.5.110/24

Modem GW = 192.168.5.1/24

[Local LAN]

Zone=Trust

Eth1/3 = 10.1.1.1/24

Running DNS-Proxy and DHCP

How to filter rule by subnet

Hi there,

I'm trying to filter the rules via subnet.  Is this possible ?  I've tried copying (addr in '10.10.10.0/24') from a working log filter search and that doesn't seem to work.  There's no filter builder like the log search box so i can just u

Max number of supported tunnel VPN client to site on PA-200

Hello,

I must configure a simultaneous access VPN client to site for 60 users on the PA-200. But this firewall support only 25 tunnels vpn (datasheet PA-200). It's possible to have an extension of the number of vpn tunnel on the PA-200?

Issue after Internet Upgrade

We recently installed a new 300/300 circuit and MIS router at my workplace.  No IPs have been changed, but since the upgrade we cannot ping internet addresses, and our latency and speed results from speedtest.net are horrific (like 1000+ and less tha