ACI integration

is there currently or are there plans for ACI integration?

240GB Raid SSD Upgrade

Hey guys, we are upgrading our PA-5050s drives from a single 120GB SSD to two 240GB SSDs and I was wondering how long this will take? I assume it will be pretty quick since we are installing two identical fresh 240GB drives but I wasn't sure how long

HA Widget Showing Anti-virus Mismatch

My HA widget on my Active/Passive cluster is showing that the Anti-Virus versions are mismatched but they aren't. Refreshing the widget doesn't help.

The General Information widget  on both 5020s is reporting correctly at version 1555-2030 (05/21/15)

Authentication profiles

I am trying to create different globalprotect access. so I want to give access by security groups. When I search for the Users group in AD to add security groups from that they do not show up  and I don't know why.

Self destruct check mark for policies and schedules

A feature I would like to see in the future is a check mark to wipe a rule.  Example:  I have to setup rules that are good for a single time for particular users after which the rules is no longer necessary.

It would be a nice option to be able to hav

PAN-DB download: Failed.

Hello

I get this error message from the passive Firewall in HA Mode. I verify in "Service options" that the "management interface" is in use. From CLI I can reach "s0000.urlcloud.paloaltonetworks.com"

ES2PA5050FW02(passive)> ping host s0000.urlcloud.p

Statefull or not statefull

We recently purchase pa3020s for mainly application control reason and put them behind cisco ASAs.   I set up trust-to -untrust policy which applies to outbound internet traffic. I denied unwanted apps and allowed rest using user group mapping.   tha

globalprotect client for android

I have the globalprotect client installed and working for pc's but I downloaded and installed the client on my android and it looks like it is trying to connect or is connecting then it pops up my username and password box again. I checked the traffi

Globalprotect vpn access permissions

I want to give different access permission to different group when they access the network using the globalprotect vpn client. I have it configured but its now allowing me to pick the specific group that I want the access for

URL Filter Question

Does PA not do DNS lookups on URL filtering?

We have an FQDN being blocked as malware, but the site can be accessed if the IP address is used.

thx

//moe

packet (5) shorter than isakmp header size. - LINUX Clients

Hi,

We configured remote vpn access in our PA-3020, and we are experiencing some issues with Linux clients. People who are using Global-Protect client work fine, but people who use vpnc client suffer service disruption in SSH or using GIT repositories

Firewall between host and gateway

Sorry if this is really basic but...

I have configuration where, we've added a gateway to a subnet that we only want one host to be able to access to get offsite.  The gateway is on the other side of a vwire in the same subnet space obviously but in a

Delay with User-ID and Captive Portal

HI,

This is only theoretical for me as I don't use captive portal (yet) but I noticed a problem.  I am successfully authenticating pretty much all my users, but quite often I see a few flows at the start of a user session which doesn't have a user-id.