Bi-Directional NAT using DMZ instead of Outside interface

The reason for this post is I'm collapsing 2 ASA that are configured one in front of the other into a single PANW firewall.  The DMZ interface on the inside ASA is technically treated as the "outside" interface.  All NAT is performed on this DMZ inte

attacking site and PAN

Hello

Few days ago I discovered site with some information about VMware Update Manager. I had a problem with it and I was searching for solution.

This site is www.bourgelat.net/cannot-patch-definitions-vmware-19988

I have PA with all licences but PAN so

Opt-out page for HTTP ?

We would like to have a web response page that is presented to the user when the user launches their browser for the first time that asks them if they abide by the AUP rules. Basically same concept as the https opt-out page. Is this possible? If so,

Disable an IPSec Tunnel

I want to disable an IPSec VPN. I have currently blocked traffic both directions to the tunnel by using a Security Policies, but there should be a way to disable the tunnel in the IPSec configuration (or alternatively, disable the tunnel interface).

Decryption: sec_error_reused_issuer_and_serial

Hey all,

I am having problems with decryption. The PA decrypts https websites, but when I surf to that website a few hours later, I receive the following error in firefox:

I haven't tried yet in IE or Chrome. I have this problem for various websites, n

Panorama - Want/Need to move log records from Internal Mount Point to External NFS Mount Point

Question:

   Can the log records in the panorama internal storage mount point be migrated (through some process) to the external (NFS) storage?

Thanks

Art

Threats alert

Hello Team,

I have configured the panorama threat alert for one of our firewall and its working fine. Alerts has been configured for High and Critical .

we are getting so many alert from one IP (10.32.100.238) , one of vulnerabilities management device

VPNs down when COMMIT the firewall

Hi,

when I commit the firewall all vpns was down

I have palo alto PA-500 with software version 5.0.11

Do you help me ?

tks

Paulo Aun

EU - European Union

Is it possible to view the countries that are included in the "EU" object? When new countries are added to the EU, will this object be updated via dynamic updates or by upgrading?

Does anyone have experience with the accuracy of geo ip on palo alto?

Ki

Intermittent SSL decryption issues for some, not all.

My Palo Alto Firewall 2050 running 4.1.16.   I am having a lot of intermittent SSL decryption issues.  I'm not sure what to do with some of these.   An example is https://app.plangrid.com.    

I can this site when I have made this change and restart