Allowing "Save" function in a limited Admin Role

I have created an Admin Role for helpdesk users, limited to URL log, URL Objects and Custom URL Category.

However, the users do not get the "Save" Option in their login.

Anyone know which part of the tree I need to allow access to in order to get the S

DNS in IPv6 RA

I think it is time to start the first IPv6 only setups. What I missed in my testing setups was the DNS option in the RA (RFC 6106).

Has anybody IPv6 only setups routed via PA?

Commit error - vsys1 decryption: forward decrypt untrust cert is not configured

Hi,

This commit error: "Warning: vsys1 decryption: forward decrypt untrust cert is not configured, forward decrypt trust cert will be used instead." Means, that i must generate "Forward untrust certificate" or what?

Is it possible to create AD group based authentication for PaloAlto administrators?

Hi All,.

Is it possible to create AD group based authentication for PaloAlto administrators?

If yes, kindly provide the steps for the same.

Regards,

Gururaj

One-to-One NAT - DMZ to inside - how do I make it work?

Folks.

I'm apparently having a particularly stupid day, because I can;t make something as simple as one-to-one NAT work.

Scenario is this.

I have an IP in my DMZ. I have assigned this IP to a particular server which is hosted on my INSIDE (secure) netwo

How do I setup dual ISPs on pa500 with ver 5.0.3 firmware

I need some clear documentation for how to setup a secondary internet connection to take over if primary fails. I know this is done with Policy Based Routing but that is about all I know. I found documentation on this but it was for firmware version

L2 subinterface + L3 subinterface on the same interface

Hello all,

Is it possible to create an L2 tagged sub-interface and an L3 tagged sub-interface on the same physical interface.

For example.

Ethernet 1/6

    Ethernet 1/6.100 --- L2 Interface.    Security Zone "IPS only".      /* this sub-interface will be

i am looking SNMP OID and MIB values

I am looking for SNMP OID and MIB values for monitor CPU, Memory, HA status, and interfaces

Vulnerability in TCP packet

Hi guys ,

Is it possible for PAN to block asynchronous tcp and RST packets to prevent attack ?

Regards,

Bryan

Panorama Backup

What solutions are used to backup Panorama VMs? We want to make a full backup of the VM, not just the configuration and log export tools built into the system. This is for DR purposes.

However since we cannot access the system at the OS level, our sys

Interface Statistics?

Is it only possible to view interface statistics if QoS is enabled on the interface?

Mike

NAT IP Pool Clean Up

Having a problem with a NAT IP pool filling up. There are 92 IP addresses in the pool which should be plenty compared to the number of active clients. However, the pool is filling up. When I go to look at what active sessions a given IP address has,