Palo-Alto upgradation From 5.0.x to 6.0.x

Hi All, We are having PA-5050 & and PA-3020 model running on software version 5.0.8 & 5.0.9 and we are planing to upgrade it to 6.0.2. We firewall is running in Active/ Passive cluster. Please any one help to know the processes and suggest which vers

Hi all. We have 60 XP machines I need to block from accessing the Internet. HOW? I am new to the PAN's so bear with me?

Hi all.  We have 60 XP machines I need to block from accessing the Internet.  HOW?  I am new to the PAN's so bear with me?

site to site vpn qestion

We're moving from Checkpoint to PAN. For site to site vpns, I'm assuing i should set up a logical subinterface? How do you ensure its floating/shared in an HA cluster?

Global Protect Client

Is there a specific command I can run to see what version GP client users are using?

Disabling VPN Tunnels from trying to establish when NOT actually required

Hi,

We have several kits which we use for conferences as and when needed. These kits VPN back to us when alive. The problem is when the kits are sitting in the cupboard the Palo continues to try and bring the VPN tunnel up which fills our system log u

Frustration with threats from PA

Is anyone else frustrated with PA's approach to threats and threat signatures?

Prime example: "Netbios Small Piece Data Evasion Attack Vulnerability" - signature ID 33511, link to the Threat Vault: https://threatvault.paloaltonetworks.com/Home/ThreatD

Does Panorama M-100 support more than 100 devices?

Looking to manage more than 100+ devices (around 300 device). is the M-100 able to meet this requirement?

below is my current planning setup:

M-100 (panorama mode) <--------------------------> 100+ PA box

or do i required another M-100 box as log colle

Setting up DMZ

First time poster in the new forum.

We're looking into creating a pure DMZ on our Palo Alto. Right now all our servers and network are behind a Layer 3 interface with private IPs. Anything that needs to be externally accessible is done via a One to On

Keeping current on blocked websites

What is the best way to keep your blocked websites current? Seems like every day a site is added that needed to be added to the list is there a simple way to keep the list current?

PAN agent 5.0.6 looses user IP

We are running PAN OS 5.0.11, with PAN agent 5.0.6-6.
But we observe that intermittently, to various users, users are not matched with their IP addresses and Internet is blocked.

When we search for this user in PAN agent, we do not see the user in PAN

How can local-users change their PWs?

How can remote users, that are stored in the Local User Database, change their password?

Routing table flags

I have been trying to find out what the different letters mean in the FLAGS field of the routing table. I have checked the admin guide for 6.0 and it isn't located there. I would really like to know what I am seeing in the routing table.

Facetime, able to accept a call but then it fails.

Hi,

Bit of an odd one really. We have a MAC with facetime installed. There are no restrictions outbound to the Internet. If I try to call the MAC using facetime the app see's me calling, I hit accept button but the call never completes, it just says c

Browser Usage Report

Is it possible to get a Browser usage report, ie, Summary pie chart of Browsers versions being detected as using the Internet in Palo Alto Firewalls...i.e. the number of users using IE or Chrome etc.