General Topics

Resolved! Subnetted traffic issue

I am running my PA-2050 on layer 2. The system runs great except for one issue. My wireless zones are subnetted. The PA can see the subnetted traffic, allows it to go out, but the packets get lost on the return back. I know there is nothing wrong wit

Resolved! Moving from 4.0 to 4.1 (affect on NetConnect users)

I'm considering moving to the latest 4.1 release from 4.0.11, but I have a large number of SSL VPN users using the NetConnect client 1.3.2.  I believe they would have to use a Global Protect client once the OS is upgraded to 4.1.  What would be the b

Resolved! Internet facing interface dhcp-client inbound NAT

So,

PAN 5.0.1

eth1/1 - Layer 3 / Internal network 10.0.0.1/24

eth1/2 - Layer 3 / External network - DHCP assigned IP adress from ISP.

Outbound NAT works. Inbound NAT i simply doesnt get to work..

Used the cli command test nat-policy-match from Untrust s

Resolved! Allow traffic to specific URL - Best practices

Dears,

I have 2 PA2020 implemented working as webfilter only. (virtual wire feature)

I need to implement a rule which will permit any user to access the website www.adpweb.com.br anytime...

What I did:

Rule at first position

source: any user, any zone,

de

Resolved! HA Active/Passive Management Design

I am testing out and setting up two PA-2020 in a HA Active/Passive setup for eventual use in our production network.  I am testing this outside of our current network infrastructure to ensure I understand the complete setup processes. I had a couple

Resolved! I need configuration help In vwire mode ,....

Hi All,..

Kindly refer the fallowing topology, in which VLANs (ex:10 VLANs) are created and any traffic to internet is routed to the core firewall. In between core switch and firewall i have connected PaloAlto firewall in VWire mode and also have defi

Resolved! Dropped Sessions

I've a strange problem. My PA (5.0.1) randomly kills all sessions. This is causing me problems as all internet traffic times out during these issues.

You can see from the show system statistics screen dump below that there is 0 packets and 0Kbps thro

Resolved! Different block pages based on policy

Is there no way to have different block pages appear per policy ? We have distint needs for a few different groups of users. We need one URL block page to come up when one policy is triggered and a different block page when another policy is triggere

Resolved! Recent IE use-after-free vuln

Is there (or will there be) a vulnerability signature we can use to block exploit attempts?