DHCP redundancy / HA solution with the PA (200) possible?

We are a very centralized company with a lots of decentralized business units.

All these decentralized locations are connected to the HQ, but can run their primary business process withouth this connection.

This is also a principle we use, so the "prim

Mass static route migration

I need to migrate about 600 static routes into  a PAN box . Does anybody know how I can do this efficiently and quickly . My goal is to copy all the 600 routes into the running cofig .

Thanks

Custom URL Category with Wildcards

Hello

I have a question.

                              www.example.com     

                           _________|_________

                           |                               |

www.example.com/sales-team          www.example.com/marketing-team

My c

request restart software - Clarification ?

Newb question, but I can't seem to find the answer I'm looking for so I'll just ask..

The command 'request restart software' is *JUST* the management software itself, like logging, ssh, snmp, etc, but does *NOT* affect any time of forwarding happening

PA random packet captures

I've noticed that our 5020 is taking (what seems like)random packet captures.  I searched this forum about this, and have read that the PA does do packet captures if the traffic is identified as "unknown-tcp" and "insufficient-data".  The traffic I s

SSL decryption - File blocking problem IE v8

I have a file blocking policy defined to block specific attachments via external web mail portals.  I get correct matches for the application and also get successful SSL decryption.  My problem is that Internet Explorer v8 clients can still send the

Global Protect Routing

I just recently setup GP and I'm in the testing phase. My tests are failing. The very first time I connected I could ping out to the internet, I could ping devices via IP address inside our network (behind the firewall), and I could ping via hostname

Invalid username/password with LDAP for Captive Portal

Running a PA-500 on software version 5.0.2

I was wondering if anyone could point me in the right direction, I'm trying to get a captive portal working that using LDAP groups to provide access through the policy.

The LDAP servers are configured ok, as I

static nat + intrazone u-turn and interzone u-turn at same time

I'm currently having problems on PAN OS 5.0.1 replicating a standard Screenos MIP configuration. Whereby static nat and interzone/intrazone u-turn nat are all active at the same time.

We have multiple zones (5) all of the hosts inside each need to be

global protect internal

Hi

Can anyone give me some feedback on how to configure my globalprotect client to register/connect when on internal LAN? - so I can help my pan-user agent tag what users are connected

Thanks

GlobalProtect new Version (1.2.3?)

Hello,

do you know when the new GP Agent will release? We expect some debug fix, regarding our certificate problems...(PaloAlto Support is informed about).

THX

Zone protection reconnossainse protection

Hi,

I am testing "reconnossainse protection" feature on a PA-200. I built a reconnossainse protection profile over zone protection tab and I mark over "reconnossainse protection" and I checked "tcp port scan", "host sweep" and "udp port scan" (with de

LDAP and User ID

Hi,

I am beginner to palo alto networks.

I am working with user id concepts.

My task is to get User - IP mapping from Active directory to PA device.

I am running Windows 2008 Server.

Can anyone help me , how to configure LDAP in it and get the user - ip m