QoS policies

hi!

i have a question regarding the QoS feature, so here goes:

the scenario is the following - we have 2 apps for which we would like to limit the bandwidth, lets say app1 and app2. we have edited one of the QoS classes in the default QoS profile, clas

Heratbleed CVE-2014-0160 - New Vulnerability Signatures

Palo Alto released multiple vulnerabilities for the Heartbleed bug.

New Vulnerability Signatures (3)

Severity

ID

Attack Name

CVE ID

Vendor ID

Default Action

Minimum PAN-OS Version

medium

40039

OpenSSL TLS Heartbeat Brute Force - Heartbleed

CVE-2014-0160

alert

1. 3.1.

Best heartbleed test site

What are the best testing sites and tools for heartbleed?

Antivirus and apps - Error in retreiving data - PAN OS 6.0.1

Hi,

I'm a customer with two PaloAlto PA-2020 with active/passive config running without issues.

I've just upgraded from 5.0.11 to 6.0.0 and then to PAN OS 6.0.1 (latest)

Starting with PAN OS 6.0.0 I can't check for apps and antivirus upgrades from the "

Panorama Shared & Device Group Policies & Objects

Can anyone explain where the Shared & Device Group Policies & Objects are stored on the local firewall after they are pushed from Panorama?  They do not show up in the CLI nor the .XML Config Export file.

MGCP being dropped since upgrading to 6.0.1

We upgraded our PA5020 from 5.07 to 6.0.1 to utilize TLS 1.2 to handle decryption but as a result we have created an issue with our phones. We have a couple call managers behind the PA5020's at our data center and several branch offices around the wo

Service Contract Ending

My service contract is about to end, and we are not planning on extending it as we are replacing our 3020s with some other firewalls.  We are still planning on using the firewalls in our network, but not to do the threat detection stuff.

I would like

SSL-VPN Portal not being displayed

Hello,

we're running a couple of PA-500 v.3.1.5 in HA, with SSL VPN Client v.1.3.4.

We're experiencing strange access issues to the VPN Portal depending on the browser being used.

When trying to access the portal url we get a blank page with endless loa

GRE over ipsec

hello,

I have an existing customer with an Cisco router. On this router is terminated a GRE over IPsec tunnel.

Now they have bought an PA500 appliance. Is it possible to have the GRE over IPsec tunnel on PA, or the only way will be to reconfigure the t

PA-500/PA-20xx - tuning mgmt performance

Hi All,

I`d like to start a discussion what we can do to improve the bad mgmtplane-performance (gui, commit times etc.) on the older platforms PA-500 and PA-20xx because there are still several customers out there with these devices and for the PA-500

Error when trying to commit

Hello,

I am getting the following error when trying to commit and am not sure where to look. 

Error: Need to config WMI account and password for querying Microsoft directory servers

Thanks in advance.

Bob

VPN Encryption/Authentication key's for Wireshark Decryption

It is possible to debug ESP packet's in Wireshark but to do so I will need to obtain the encryption key and the authentication key for the given VPN from my Palo Alto 5050. As an example - In Linux it's possible to get this information by running the