DNS proxy and strange system logs entries

Hi

I'm using dns proxy from two weeks. Today I observed strange entries in logs:

my configurqation is simple:

Could someone help me to undestrand what is going on?

Regards

Slawek

PA Software Update Notifications

I'm looking for a page somewhere that has the expected release dates for upcoming Palo Alto software updates. Does such a thing exist? I've looked around the site and can't find anything. We are planning on upgrading our firewalls to 5.1 but we can't

Opening Ports

I have a PA-500. I need to open 3 ports for IP security cameras. How do I do this?

update an admin user password via the REST API?

I have searched high and low but have not found a way to set a password for an admin user via the API.  Does anybody know if this is even possible or if you need to use the UI or CLI only?

Marc

User ID methods?

I am curious how many folks are now using the ID agent that is built into the PA as opposed to the agent that is installed in a windows client?

I tried migrating to the built in agent but it seemed to cause excessive CPU usage on my DCs.

Thanks,

Bob

DHCP Relay and virtual routers

Hi,

I have a PA500 configured with 2 virtual routers

In both virtual routers I have some zone, interfaces and networks.

For example:

VR1

- Zone1: Network Ethernet1/1.1 - Interface Type Layer3 - Tag 1 - IP 10.168.100.1 / 16

- Zone2: Network Ethernet1/1.2 -

Bootp flag "Next server ip address" in the DHCP Server

Is it possible to configure the bootp flag "Next server ip address" in the DHCP Server on a PA with 5.0.7 Software?

How SSH decryption works?

Hi All,

How SSH decryption works? what all the prerequisites? kindly provide example,..

Regards,

Gururaj

Vulnerability Protection drop and drop-all-packets

Hi All

Vulnerability Protection add exceptions  Action drop-all-packets exchange drop

But log see action still drop-all-packets not exchange drop

Why?

Custom App ID - Derived from usernames/http params

I am working with a client in an interesting situation..

We are basically needing to limit sections of the network where certain users and login to a web server. For example, only admins can login from zone1 and only users can login from zone2. The ap

Dynamic update internal firewall

Hi all,

We have an internal firewall that does not have no Internet access. I wonder what is the best way and best practice in updating the IPS / AV signature (no URL filtering).

Any recommendation?

Thanks

Remote Client VPN Configuration Options

Is it possible to configure remote vpn client access without a Global Protect Gateway license? It seems that remote client vpn configuration depends on HIP Objects/ Profiles, which in-turn requires Global Protect licensing. Is there a way to configur

Setting up second gateway: Gives Cert CN error

Hello all,

I have a (working) Global Protect Portal+Gateway envrionment. I am now trying to setup a gateway in a second datacenter. I have setup the same GP-cert and Client-Cert, cert_Profile and GP Gateway settings. The gateway works, when setting a