Content 571 Customer Advisory

Application and Threat Content version 571 was removed from the Palo Alto Networks support site at approximately 0230 PM PST on 24-MAR-2016, after discovering an issue with this content update and Panorama stability related to the Correlation Objects

latest stable version of PAN OS

Hi All,

I am looking for the latest PAN OS version that is being used( any pointers why it is good would be a plus)  , i am looking to update my firewalls and Panorama. also any good links on how to absorb existing running firewalls in the panorama

I don't see a facility to schedule a reboot.

Hi

I would really like to be able to schedule a reboot at a future time. We are in the process of migrating sites to Panorama from a a local configuration.

The config has to be deployed through the single link into the office. This link is a BGP peer.

port 2000 and NMAP

I'm having an issue where any traffic through palo alto using destination port 2000 will create a tcp handshake and no more traffic will pass. I've talked to support and no traffic is being dropped by the firewall. i've added a rule to allow tcp 2000

Automatic VPN Failover

Dear Friends, IF 1 ISP link goes down of operator END we unable to automatically forward to another ISP link. please suggest how to do this. i am using PAN-3020 with 1 ISP and Operator END cisco with 2 ISP. Regards Satish

GlobalProtect Portal Banner Message

Would anyone have a simple example that would allow me to put a warning banner below the login table on the GP Portal page?  I'm no HTML expert and have tried to follow some of the posts and documents here, but am not having any luck.  I have made su

Multi-VR routes and security policies issues

I have an issue where we have mulit-VRs in place 1) default and 2nd) VR that is utilized for DMZ and untrust routes

Both VR's share a common zone name "public" for example. 

I have issues routing where for instance I have my internal network segm

Global Protect DNS Suffix Not Propogating to Client

Hi,

I have a strange issue where my Global Protect SSL Client connects to the firewall with no issues.  I get the IP, the routes and the DNS servers but I don't get anything listed in the DNS Suffix entry.  I have configured the DNS Suffix correctl

syslog configuration

Hi,

I have attached  my syslog configuration . 

but in my syslog i missed most of the logs .

then assigned to the  policy  

To  forward all the logs  , attached configuration 

what if  i choose another facilty  ?

if i put one interface i

Wildfire

So currently I am using wildfire but only choosing to forward the file. Is anyone using the block option? If so are what are the pros and cons?

vwire & VLAN tagging?

Hi all,

Is there any issue with configuring a vwire for both tagged and untagged traffic. For example use VLAN tag 0 AND whatever my real tags would be, like 1, 100, 200, etc. I'm assuming it will be fine since there is an option for 0-4094.

Any issues

User-ID Group Mapping for Multi Domain Single forest

Hi everyone.

I'm trying to setup a User-ID installation for our multi-domain Active Directory environment.

Here is a rundown on what we have

DomainA = Workstations, groups, users, servers, etc. The main domain where everything is conducted

DomainB