FAIL TO PARSE SECURITY POLICIE

Hi guys

I`m having a big problem

When i try to commit my security policies show this erro.

· Error: Unknown address '10.2.69.100 '

· Error: Failed to parse security policy

· (Module: device)

· Commit f

how to browse for adding specific AD group in LDAP authentication.

Hi..

Customer would like to use SSL VPN with Active-Directory.

So, I have configured SSL VPN with LDAP Authentication.

There was no problem to connect SSL VPN with LDAP Authentication.
after verify SSL VPN connection,  I  was going to add some specific

VPN Client -> Site IPSEC configuration

Hi,

Have you a documentation or a procedure describing how to setup a VPN Client to Site connexion in IPSEC (I am using a P200).

Regards

Boris

Adding multiple IPs to external interface

I am interested in adding all of the IPs from a range like x.y.z.40/28 to the external interface of the PAN.

The verbiage on the GUI makes it sound as if I need to add each IP individually.

Can I add a range as listed above by entering it as  x.y.z.40/

CLI cmd to show system log

I'm trying to use the CLI to get a list of SSLVPN logins, but keep getting either "sytnax error at end of input" or "syntax error at AND" errors. what i've attempted so far is variation on:

show log system subtype equal sslvpn object equal "Test SSL-V

ThreatLog forwarding doesnt work

Hi All,

I have configured the PaloAlto to email me threatn  logs for medium , high and critical alerts, but it seems to email me only medium threat alerts, how do i fix this 

Please find attached my log forwarding profile.

My email profile is configure

Combining NAT rules?

Whil my NAT rules are working fine I get the feeling I am missing something with net rules.  I have an external ip which needs three ports forward to separate internal server:  port 7000 goes to port 3389 on 192.168.1.1, port 7001 goes to port 389 on

Asymmetric routing

Does anyone else have a multi-site network with asymmetric routing?  I'm having some issues getting from site to site.

Here's what's going on:

We have two datacenters -- one for the eastern US, the other for the western US.  Each datacenter has a PA-20

PA500 Configuring a Static Routing Question?

Hello all.

I have a fairly easy deployment - a set of PA500s with internal trusted and external trusted zones. On the inside, they are currently connected to a router hsrp pair and on the outside pointing to another brand FW. I have only a handful of

Source NAT confusion

I am trying to provide for some 1-to-1 NAT on our PAN, which I thought we be an easy task.  However, my configuration insist on using the interface IP address for outbound connections.  Here is my setup.

Untrusted Network Interface IP: x.x.x.10/29

Trus

PA-5020 4.1.5 issue

Hello,

Anyone else experienced any issues when upgrading to version 4.1.5?

We have done one upgrade to 4.1.5 and the PA-5020 just goes into a reboot cycle.

After doing the initial commit the firewall reboots and the cycle repeats.

Doing a factory reset f