DHCP redundancy / HA solution with the PA (200) possible?

We are a very centralized company with a lots of decentralized business units.

All these decentralized locations are connected to the HQ, but can run their primary business process withouth this connection.

This is also a principle we use, so the "prim

Mass static route migration

I need to migrate about 600 static routes into  a PAN box . Does anybody know how I can do this efficiently and quickly . My goal is to copy all the 600 routes into the running cofig .

Thanks

Custom URL Category with Wildcards

Hello

I have a question.

                              www.example.com     

                           _________|_________

                           |                               |

www.example.com/sales-team          www.example.com/marketing-team

My c

request restart software - Clarification ?

Newb question, but I can't seem to find the answer I'm looking for so I'll just ask..

The command 'request restart software' is *JUST* the management software itself, like logging, ssh, snmp, etc, but does *NOT* affect any time of forwarding happening

PA random packet captures

I've noticed that our 5020 is taking (what seems like)random packet captures.  I searched this forum about this, and have read that the PA does do packet captures if the traffic is identified as "unknown-tcp" and "insufficient-data".  The traffic I s

SSL decryption - File blocking problem IE v8

I have a file blocking policy defined to block specific attachments via external web mail portals.  I get correct matches for the application and also get successful SSL decryption.  My problem is that Internet Explorer v8 clients can still send the

Global Protect Routing

I just recently setup GP and I'm in the testing phase. My tests are failing. The very first time I connected I could ping out to the internet, I could ping devices via IP address inside our network (behind the firewall), and I could ping via hostname

Invalid username/password with LDAP for Captive Portal

Running a PA-500 on software version 5.0.2

I was wondering if anyone could point me in the right direction, I'm trying to get a captive portal working that using LDAP groups to provide access through the policy.

The LDAP servers are configured ok, as I

static nat + intrazone u-turn and interzone u-turn at same time

I'm currently having problems on PAN OS 5.0.1 replicating a standard Screenos MIP configuration. Whereby static nat and interzone/intrazone u-turn nat are all active at the same time.

We have multiple zones (5) all of the hosts inside each need to be