Migration Tool 3: Missing Checkpoint NAT Rules

Hi All,

I found an interesting problem while migrating a firewall policy from a Checkpoint system.  Has anyone seen this problem before? 

Checkpoint NAT:

Checkpoint has a special kind of NAT that you can configure on an object I'm going to call the "Au

New Project - PAN-OS 7

Hello Everyone,

I'm starting a new project where I will be migrating Juniper Firewalls to PAN-OS.

I would like to hear an opinion if there is a point to migrate to 7.0 instead of latest 6.1.x.

I would appreciate complete and well explained suggestions.

T

Replace Panorama Virtual Disk

Hi All,

we are running a fresh installation of Panorama VM and need to allocate more space for logging & reporting.

This scenario is well explained in the Panorama Admin Guide on Page 163 ff. but we are wondering if it is neccessary to export and impor

Management profile setup on the outside interface for remote management, Panorama not communicating.

I have a management profile setup on my outside interface at a VPN site for remote management.

I have my in-band management port settings set to blank fields.  Panorama doesn't establish communication with this firewall.

I am wondering if it is becaus

Layer 3 Stops Passing - All PanOS versions incl. 6.1.3

I have opened this with TAC a while ago but I continue having issues with Layer 3 not passing through the untrust/internet interface at random times.  I have had this happen 5 to 10 times on different PA-200's.  Some have repeated.  I was hoping a fi

how to Evaluate PA 7.0.0 on v sphere VM100

Hi All,

Can some help me how  to Evaluate PA 7.0.0.

1.  I have installed VM 100 series with PA 7.0.0 on vshere environment.

2. I have PA 5050 with PA  6.0.10 in production  network.

3. How to check ACC on my VM 100 series with PA 7.0.0.

4. How traffic tra

How to convince PAN to know UID mapping for all vsys

Hi,

We use multi-vsys and XMP API for UID. It works fine for vsys1. We use this sintax for login:

<uid-message>

     <version>1.0</version>

     <type>update</type>

     <payload>

          <login>

               <entry name="user1" ip="10.1.1.1" timeo

block send mail App Gmail

hi, how can block sending msg in gmail application allowed gmail-based, block gmail and send email.

App downloading issue for wi-fi mobile users

Dear Friends,

Need your suggestion for below issue.

PAN OS 6.0.9

Unable to download app from play store thru mobile.

There have wi-fi environment, when mobile (smart phone ) users connected thrue wi-fi, he is able to browse internet  but not able to down

Full location of affected threat URL/filename?

Troubleshooting what I think is a false positive but the Detailed Log View (under Threats monitoring) only shows the filename and not its full location on the HD of the machine. Is there any way to find out the full location?

Is possible create a custom admin role with a specific filter?

This question is for administration of PANORAMA and PALOALTO.

I want to know, if is possible to create a custom admin role with a specific filter. For example, If I make a admin role for vsys or device group and check Monitor-Logs-Threats I want to th

how to block UNKNOWN url category

how to block UNKNOWN url category on PA 5050.

tddmwwnnowxo.com  is unknow url category  so PA URL DB allowed  into my network.  How to block unknown category.

If we block unknown category will it affect any new urls which is not register in PA URL DB

DNS Proxy

Hi,

Can someone post and example of how they set up their dns proxy?

How can I be notified of failed hardware via email, snmp or syslog?

Hello everyone,

We have experienced a FAN failure on our PA-500 and had the red led for the fan and a red fault led (but no idea for how long) - As we wasn't notified of this hardware failure.  So my question is how can I set the Palo up to notify me