Max virtual routers?

Take the 3020 for example which can have a max of 10 virtual routers.  Is that 10 VR's per vsys or 10 shared between any/all vsys's you have on the box?

IMAP long tag anomaly

I know this was kind of asked here, and I was wondering if the best option would be to create a rule like the one mentioned in this post..

https://live.paloaltonetworks.com/t5/General-Topics/SMTP-long-MAIL-anomaly-Vulnerability-30392/m-p/2327#M1718

NAT over IPSEC VPN without an IP on the Tunnel interface

Does anyone know if it is possible to NAT over an IPSEC VPN without assigning an IP address on the tunnel interface itself?

I tried but it doesn't seem possible.

Help!

Thanks,

Duane

Can not download Software or Dynamic Updates on PA-200 w/7.01-b19

I cannot download Software or Dynamic Updates on PA-200 w/7.01-b19

Cleared all logs and also reviewed tech note "How and When to Clear Disk Space on the Palo Alto Networks Device"

Reviewed LiveCommunity and deleted files in the pcap directory and

Site to Site tunnels does not failover

Hi All,

We have several site to site VPN tunnels built for different clients. We have PA500 in HA mode. When we do a failover, general traffic does succesfully failover to secondary, but the VPN tunnels does not failover and all the tunnels shows d

Global Protect Pre-Authentication driving me nuts

Hi.

I'm trying to configure pre-authentication on my Global Protect portal.

I've followed this document until I'm blue in the face, but every single time I attempt to logon to my test environment, I get

the ssl-vpn web page do not show up

PAN OS: 4.0.10

> less webserver-log sslvpn-error.log

default:1 main  Error: Can't access DocumentRoot directory

   default:1 main  Error: Ignoring bad directive "DocumentRoot" at line 181 in /etc/appweb/sslvpn.conf

   default:1 pool.1  Error: 404 "Not Fo

Mitigating risk of not decrypting "online storage and backup" URL category.

We've been having some issues with websites like DropBox, Hightail etc since configuring SSL Decryption. I believe this relates to a security technique called "Certificate Pinning". I've resolved the issue by adding the "Online Storage & Backup" URL

VPN with Windows Phone

Hello,

I have been researching for information about how to configure Windows Phone with Paloalto. I did not find anything.

Has someone found any working method for this?

Thank you,

DNS Sinkhole not triggering for known malicious domains

Hello, has anyone had any problems with DNS sinkhole not triggering on PAN-OS 6.1.4 ?

I have created a security policy for DNS traffic between a LAN side DNS server and a WAN side upstream DNS server, the Palo sits at the WAN edge between the two D

PAN-OS 6.x to 7.x Issues

We currently have Panorama with a total of 2 HA Pairs (PA3050's and PA3020's) deployed. We are planning to use Panorama to upgrade from our current 6.x software to 7.x. Here are some gental questions that perhaps someone who has done this before can