General Topics
Showing results for 
Search instead for 
Did you mean: 
General Topics


Join Us for a Tech Deep Dive Miniseries!


Stop Zero-Day Threats in Zero Time with Nebula PAN-OS 10.2.


Join us live for an in-depth look at the latest advancements in cybersecurity, best practices, tips and tricks, demos and
more to protect your business and defend against threats in real


jforsythe by Community Team Member
  • 3 replies

Destination NAT to address not in same subnet


I had a quick question about destination NATing to an address not in the same subnet as an interface on the Palo Alto. For example, let's say I have a site-to-site VPN and I am using destination NAT on one side of the tunnel. When traffic comes


Code42-> CrashPlan support in HIP Objects

Code42's backup product, CrashPlan, is not on the list of vendors within the HIP Objects for Backup software.  This is currently the most popular commercial backup software for businesses that use Mac OS X based workstations.

* When will support be ad


Resolved! Forefront UAG Direct Access

I was wondering if anyone has deployed Microsoft Direct Access or Forefront UAG behind a Palo Alto firewall, and could share their experiences.  Direct Access requires 2 consecutive public IPv4 addresses (no NAT), and we are trying to figure out the


abelgard by L1 Bithead
  • 3 replies

Problem with IPSec tunnel monitor


We have an issue with one IPSec site-to-site tunnel. The PAN usually doesn't recognize when a tunnel is down. We can correct this by setting up monitors on all tunnels with a "wait-recover" action after 3 subsequent failures. This works for all


oschuler by L4 Transporter
  • 2 replies

Resolved! Viewing all URLs visited by a user

Hi there

I'm trying to track down an incident here and I'd like to get a report on a particular user for all URL activity. I've set up a custom report using the URL Log, with a time frame of the last 12 hours and added the username in via the query bu


Panorama commit devices with different results


We have a device group in Panorama with 4 devices members. When we've committed changes sometimes devices had the result "Commit succeeded with warnings", because we have some dependence warnings, but one of them has the result Commit Succeeded".


session browser source=

seeing a lot of sessions in the session-browser with a source ip of (in the internal "trust" zone) - these tend to be UDP protocols, RTP, bittorrent, skype etc and the session browser shows them not matching any rule or having any bytes.  Are


PAN DHCP Server - Remote Subnet via IP Helper

Hi all,

is it possible for the PAN DHCP Server to provide IP assignment service to clients in a remote routed subnets via Cisco IP Helper address ?



gafrol by L4 Transporter
  • 0 replies

Test commnad on the nat policies


I did an upgrade from a 500 model to a 3020 model. All the configurations work just fine. The problem that I see is that I cannot test the nat-policy rules. I have the following configuration:


snat-all-LANs {

        from inside;



Top Liked Authors