PA-500 - Replacement is not acting the same as old one

Here is our scenario.....please keep in mind I'm not a network person

We have two PA-500s.  They used to be in HA but we had taken one out for a different purpose early last year so we were running in stand alone.

The PA-500 worked great but we started

Search for hosts/IPs across entire PA environment

What is the most effective method for searching for usage of a hostname or IP address across our entire PA environment?

The goal is to be able to identify and delete objects and rules that have been created in our firewalls that correspond to hosts/IP

Best way to proxy HTTP traffic?

Hey everyone,

Bit of a PAN n00b here, but working with a PA-500 in a small, low bandwidth environment. We want to use the PA to redirect all HTTP traffic from one network through a squid proxy in the same zone (but different subnets/interfaces). The p

DNS proxy and strange system logs entries

Hi

I'm using dns proxy from two weeks. Today I observed strange entries in logs:

my configurqation is simple:

Could someone help me to undestrand what is going on?

Regards

Slawek

PA Software Update Notifications

I'm looking for a page somewhere that has the expected release dates for upcoming Palo Alto software updates. Does such a thing exist? I've looked around the site and can't find anything. We are planning on upgrading our firewalls to 5.1 but we can't

Opening Ports

I have a PA-500. I need to open 3 ports for IP security cameras. How do I do this?

update an admin user password via the REST API?

I have searched high and low but have not found a way to set a password for an admin user via the API.  Does anybody know if this is even possible or if you need to use the UI or CLI only?

Marc

Defining patch management in HIP objects.

Hi All,

We are configuring global protect with HIP enabled.

Our requirement is, If the patch defined in the HIP object is missing in client machine then access should be denied. Below screen shows the patches (windows updates) for windows 7 machine.

Fro

User ID methods?

I am curious how many folks are now using the ID agent that is built into the PA as opposed to the agent that is installed in a windows client?

I tried migrating to the built in agent but it seemed to cause excessive CPU usage on my DCs.

Thanks,

Bob

DHCP Relay and virtual routers

Hi,

I have a PA500 configured with 2 virtual routers

In both virtual routers I have some zone, interfaces and networks.

For example:

VR1

- Zone1: Network Ethernet1/1.1 - Interface Type Layer3 - Tag 1 - IP 10.168.100.1 / 16

- Zone2: Network Ethernet1/1.2 -

Bootp flag "Next server ip address" in the DHCP Server

Is it possible to configure the bootp flag "Next server ip address" in the DHCP Server on a PA with 5.0.7 Software?

How SSH decryption works?

Hi All,

How SSH decryption works? what all the prerequisites? kindly provide example,..

Regards,

Gururaj