How to architect Virtual PANs with AWS ELBs

We're at the initial stages of architecting our AWS environment and are considering using PANs to secure North/South traffic. The problem I am running into is the network design of how to get traffic to flow through the virtual PANs from the internet

Captive portal and url filtering .

Does captive portal work with url filtering. Getting all sorts of issues with captive portal .I works intermittently. running 6.1.7 spent lot of time with palo alto tech.

Integrating Panorama with existing PAN Firewalls?

I've inherited an environment where Panorama was an afterthought for 60+ PAN firewalls. Finally convinced management to buy Panorama after we terminated the reason for this mess and had to change passwords on 60+ firewalls individually. 

The proble

Published MS subnet as unknown category

Hello,

how can a subnet published there:

http://www.cgoosen.com/latest-office-365-ip-address-changes/

can end up "unknown" ?

132.245.193.37 got blocked, no more Skype video calls (ouch).

Thanks for adding all networks listed at the above URL to compu

Chromebook and GlobalProtect VPN

Does anyone know if the Chrome book supports the GlobalProtect VPN client? I have some staff interested in purchasing them but VPN access will be required and I have no way to test it.

Thank you,

Redirects for YouTube with Safe Search Enforcement

I have been working to enable Safe Search Enforcement for all of our users, but was having issues due YouTube being blocked. Since I couldn't find a solution anywhere else, I created a bit of code to update the user's cookies to put YouTube into Rest

Blocking Facebook-Video

I've found two past posts on this topic, but nothing really only these lines.

*I've recently opened a ticket on this but was curious if anyone else has had this problem or been successful at doing so*

Has anyone actually been successful in blocki

How to update a URL to Reflect New Category in Brightcloud-DB?

Hi,

anyone knows: how to update a URL to Reflect New Category in BrightCloud-DB? Or how to update base db (device) to reflect cloud db? Thank you.

Static Route ECMP Monitoring upstream

Hi All, 

Probably a quick question. I am attempting to implement ECMP with two static routes. Such as:

ECMP on

e1/1 = 192.168.255.9/29

route 10.0.0.0 255.255.255.0 192.168.255.11

route 10.0.0.0 255.255.255.0 192.168.255.12

My question is, if 19

Permit or Block Traffic based on Path within URL

Is there a way to block or permit traffic based on the path in a URL through custom URL Categories or any other means Palo Alto has? I have found you can filter based on domain and sub domain. however, when i try to specify the path after the domain

Response Page on Internet Zone

Hello Community,

our customer has a Cluster of PA-3020 with PANOS 7.0.2.

We have enabled Application Block Page and the Internal users can view it properly.

Customer has a rule to permit Web-browsing traffic from Internet to DMZ.

When users try

XML API

hi , i enter follow . but occurs error (Malformed Request)

https://10.21.63.99/api/?type=config&action=set&xpath=/config/devices/entry[@name=%27localhost.localdomain%27]/vsys/entry[@name=%27vsys1%27]/rulebase/security/rules/entry[@name=%27rule1%27]&e