Web Interface access from Internet

I have PA-200 connected to Internet , but mgmt interface disconnected right now. Do I have to piggyback mgmt to one of remaining Ethernet interfaces in order to get access to web interface from Internet ? Plus port forward rule ?Let me know

Question On NAT Configuration

Hello All,

I have a PA-200 at home, sitting behind a Comcast modem, that hands out  a single DHCP address.

I also have a Meraki Z1 VPN device associated with work, that I have behind the PA-200.

The Meraki requires that the source port not be translate

No GUI Access: FW-6.1.0: Session Time Out

I have a PA-200 with 6.1.0.  I can SSH in fine to mgmt.  When I try GUI, I get to the login page.  When I login with correct credentials it says Session Timed Out.  I think it's a disk space issue. When I show system disk-space SDA2 is at 100%.  Ever

Access only to Office 365

Hi,

We have many client computers with no internet access (only intranet and email).

Since we are migrating our email to Office 365, client computers need access to Office 365 (via Outlook and Web browser). Not only mail services, but also licensing, o

Traffic with "any" category allowed on policies rule

Hello,

I have a rule where we allow the category social-networking.

Why in traffic log I see traffic allowed with category any  !!

No Wireless ?

It looks like none of PA has wireless (nothing on PA-200 or PA-500) , am I correct ? It's very disappoining

Portal Status Connection initializing

I'm using LSVPN, after rebooting my satellite I can see Portal Status Connection initializing  (Network->IPsec Tunnels->Gateway Info) But nothing happens, in the capture I don't even see actual traffic to portal even if I try to reconnect manually. P

Windows DNS Server behind PA

Did a PA install last night, the client had a public facing DNS server. the DNS server had a public IP before we moved it behind PA to nat it. while it was outside firewall with public IP the DNS queries from internet worked fine without any issues.

Wildfire options

Hey guys,

As I'm sure most of us are, I'm seeing a huge string of issues related to Cryptolocker lately.

I've reviewed the several articles floating around on how Palo Alto units deal with this, the fact is I'm seeing spam emails get through encouragin

DNS TXT records, use and implications of blocking?

In the recent past my organization was hit with a relatively new DNS Amplification attack which uses a botnet hosting DNS services with a specifically crafted DNS TXT record.  The spoofed requests specifically requested this record hosted on the botn

ssh (or any) threshold?

I'm experiencing a ton of hits over ssh to servers that must have ssh access. Is there a way to do threat assessment based on SSH,  port etc – and then automatically shut the attack down?  For example if a certain IP begins sending all that traffic o