Resolved! Unable to access PA-500 via GUI/SSH on v4.1.7

Greetings,

I have a pair of PA-500s running HA version 4.1.7.  The web interface (GUI) and SSH access to active device was lost for some unknown reason.  The only configuration change done was to set action for a security rule to deny which otherwise

Resolved! Captive Portal Session Timeout

You can set the Timeout value of captive portal. Default is 60 min. In my case it is 240 min.

But this is the max TTL. There is a default TTL of 900 sec(15min)

So when a logged on user does not create any traffic for 15 min then the user must logon aga

Resolved! M-100 appliance

Hi there,

Who can tell me more about this appliance? By the look of things this is a server where you can run panorama, capture syslog file ect on. I would use it to run panorama on so do I still need to run the panorama on VMware?

Please provide as mu

Resolved! Certificate import issues

I'm having terrible problems importing a trusted certificate into my PA.

I've followed the following guide - https://live.paloaltonetworks.com/docs/DOC-3502

I can create the key ok

I can create the CSR ok

I then submit the CSR to Thawte which then gets a

Resolved! PAN-OS 5

so the long-awaited v5 is now available.  What are the implications of upgrading to it?

• is rollback to v4 straightforward (we're on 4.1.8 now)?
• does it force you to use the new PAN web-filtering database, or can you continue to use Brightcloud?
• Do we ne

Resolved! configuring NAT with TAGGED subinterfaces

In order to overcome the limited number of physical interfaces on the PA-200, I need to have one physical interface handle traffic for two different zones, A & B. These zones need to talk to each other and to other internal zones (with security polic

Resolved! PA in VWire mode between trunked ports

Greetings,

Before, I get to the matter, I have browsed through the discussions and did find solutions.  But I am unable to understand a few concepts. 

I have a scenario where;

1. The present firewall is a virtual firewall hosted on an ESXi Server.

2. Li

Resolved! Exporting NAT configuration

So I'm wanting to get the XML out of the firewall for specific DMZ's so that I can assemble IPAM updates from the XML.

Right now, if I ssh into Panorama, go into config mode, and issue this command:

show device-group DMZ pre-rulebase nat rules

Then I ge

Resolved! Global Protect (basic-mode) for Android and PC - licensing and coexistence

Hello everyone, one of my customers wants to connect using their Android smartphone.  I read the doc, seems like the only gotcha is it requires client certs.  If I do this, then all SSLVPN users will be required to have client certs.  I did not see a