Setting up DMZ

First time poster in the new forum.

We're looking into creating a pure DMZ on our Palo Alto. Right now all our servers and network are behind a Layer 3 interface with private IPs. Anything that needs to be externally accessible is done via a One to On

Keeping current on blocked websites

What is the best way to keep your blocked websites current? Seems like every day a site is added that needed to be added to the list is there a simple way to keep the list current?

PAN agent 5.0.6 looses user IP

We are running PAN OS 5.0.11, with PAN agent 5.0.6-6.
But we observe that intermittently, to various users, users are not matched with their IP addresses and Internet is blocked.

When we search for this user in PAN agent, we do not see the user in PAN

How can local-users change their PWs?

How can remote users, that are stored in the Local User Database, change their password?

Routing table flags

I have been trying to find out what the different letters mean in the FLAGS field of the routing table. I have checked the admin guide for 6.0 and it isn't located there. I would really like to know what I am seeing in the routing table.

Facetime, able to accept a call but then it fails.

Hi,

Bit of an odd one really. We have a MAC with facetime installed. There are no restrictions outbound to the Internet. If I try to call the MAC using facetime the app see's me calling, I hit accept button but the call never completes, it just says c

Browser Usage Report

Is it possible to get a Browser usage report, ie, Summary pie chart of Browsers versions being detected as using the Internet in Palo Alto Firewalls...i.e. the number of users using IE or Chrome etc.

Error message after upgrading to 6.0.2

Hi,

After having upgrading to the latest software dut to the time zone bug, this error started to pop up after every commit:

We don't have a separate GP License but have only been using remote VPG connections with no problems for more than a year with

PA4050 Hardening Standard

Hi,

I would to know if there's an Hardening Standard or a bechmark best pratices for PA4050 firewall.

The purpose of that document is PCI DSS.

Thank you,

Paulo

NFS Performance - really poor

Hello everyone,

To start, this is my first post ever and I'll try to be as complete as I can.  Yes we are working with ETAC, who are very helpful.  However the solution is evasive and I hope someone else in the community has experienced something simi

Google drive, SSL, blocking

Hi, 

What PanOS version was google-drive-web application introduced.  We're running PanOS 4.1.6.  Firstly I tried blocking it using the url filtering but have been unsuccessful in doing so (as below), thought I'd see if it can be done via the file b

Can't upload anti-virus update

Good day

I'm getting an informational error when uploading anti-virus file below is the error

"upload -> anti-virus -> name Node can be at most 64 characters - current lenght 79"

Has anyone seen this before?

M

Calling Station ID - RADIUS calling IP

Hi folk,

Anyone know if it's possible to include Calling-Station-Id (RADIUS attribute 31) when authenticating to a RADIUS server (specifically to a MS NPS server).

The purpose of this, is to collect the end user's IP adress for logging in a third party