real time flow from interfaces - how to get it?

Hello

On my old Juniper SSG device I had flow control where I can sow real time traffic on interfaces.

How can I do it with PAN? - using only GUI/CLI - not thirty party software?

With regards

SLawek

Which logs to check for firewall auto reboot?

Hello,

I need to go through the logs to check why the active PAN 2020 rebooted itself. I only have access to the cli (I have to ssh via the now active FW).

Which logs should I check?? Under mp-log there is a whole bunch of logs I am not sure which one

BrightCloud to BlueCoat Category mapping?

Is there a more recent Blue Coat WebFilter to BrightCloud URL Category mapping?  I found the document from Jan2011 that lists the categories and the recommended mappings at that time.  However in the last 2 years both vendors have added and removed c

Firmware 4.0.8 to 4.1.8

I am new to Palo Alto firewalls and I am hoping this a quick easy question for somebody who is more familiar with them. I would to like to upgrade my PA500 to latest firmware. It looks like the latest release is 4.1.8 (I am using 4.0.8). I have downl

PAN only takes the first category of an URL from Brightcloud

Here is an example:

www.aetna.com is rated on the website of Brightcloud as "Business and Economy" and "Health and Medicine".

"test url www.aetna.com" results in a  "Business and Economy", which could cause some legal issues when traffic to "Health and

Policy Based Forwarding only works when using specific IP

Thinking outloud here...

I would like to record voice traffic for VPN connected customer service agents.

Traffic comes in a VPN-HomeRouters tunnel from a 10. IP range.

The PBF works when setting source Zone and IP, Next Hop and 1 destination IP.

When i c

ARP timeout

Hello,

We have a customer who is facing issue described by this KB article :

I wonder whether it is possible to change the default timeout value which is set to 1800 seconds ?

It could be very helpfull in some situations, and most of the network devices

Radius access for MGT conflict radius for user access.

Dear,

we use radius profiles for internal users towards a customer internal network policy server and so. The administration of the palo firewall is done via the MGT interface on a dedicted pvlan based administration network. We want to enable radius

Can I use DNS Proxy to Host External DNS?

Hello,

I'm going through my first ever configuration of a PAN-500, coming from the McAfee Secure Firewall (Sidewinder). Our current firewall authoritatively hosts our external DNS records pointing to our MX records, etc, and I wanted to know if it's p

custom session timeout for select user group

I would like to customize the session timeout for an application for a select group of users.  All others would use the default session timeout.

Thanks