PA-500 throughputs?

I realize that is a difficult question to answer.  What kind of maximum throughputs are people seeing with their PA-500s?

For example: I monitor our firewall (not a PA) using PRTG via SNMP and see a fairly constant 20 Mbps with some 30-45 minute spike

XML Interface to PAN Agent

Hi

We are having a lot of issues with using the PAN Agent scraping the wrong user / ip information from our AD logs as we also have a mixture of local user logins and remote desktop RDP connections which change the user's login / ip address associatio

Skybox unable to add Palo device due to (Host without primary interface) error

Have this error appearing only on Palo's with multiple Vsys.   Devices without singular Vsys will import in to Skybox without any issue.

Anyone using Skybox and seeing similar or know if there is a particular configuration point on the Vsys we may hav

Automatic redirect logon page after idea timeout was exceeded on captive portal.

Hi all,

    After idea timeout was excceded(60 mins), our clients didn't know untill they open new browser session. How to configure PAN to support automatic redirect logon page on the same browser session.

Thank you

Chong

Cannot get DMZ access to work

I have a PA 500, running 4.0.5 and I have two zones that are 'special' : PCI and DMZ. Both are setup identically but only one works. Here is how it is:

Zones: Rest1 (Tunnel.1), DMZ (1/8), External (1/1, 1/7), Internal (1/1, tunnel, Tunnel.2), PCI (1/6

Panorama Out Of Sync

I just installed Panorama to my existing deployment, the firewalls are connected to Panorama, but the shared policy is out of sync. How do I get Panorama to house the current configuration on the firewalls? Currently with no configuration on the Pano

PBF Monitor with tunnel Interface

Hi,

I want to use PBF with IPSEC tunnel to handle failover.

I have 2 tunnels with the same proxy id, so I need to route a network between one tunnel, and if this tunnel is down I need to automatically route to the second tunnel.

But how to use monitorin

Global Protect Licensing for Differing PA Models in a Network

There are specific, per device type, Global Protect licensing SKUs. If a customer/enterprise has multiple PAN device types on their network, is it necessary that each has it's own specific corresponding SKU type applied to it, or are they in fact int

Can the defualt ssh port be change on a PA-500?

Does anyone know if you can change the port the PA-500 listens for SSH request on from the default 22 to another port?

Block App-id Youtube

Can anyonetell me step-by-step how to block youtube using an app-id? I have never used app-ids before and need a quick lesson.  

SSH Remote Command Execution for Config Files

Hey Guys,

I was curious if there was a way to run a command remotely via SSH to the PAN Device to dump configs.

I was thinking of a way to dump the output of "pa2050-1> show config running" to a flat file that I can hopefully do version checking on.

How

Sizing PA Devices

I need to know if there is any report/graf in PA that shows the throughput peak, simultaneus session peak, in a custom time period. This would be great for sizing equipment after analizing the traffic of a costumer during some days. It will be very u

DHCP Routing on PALO ALTO 2020

Hello,

I'm about to try to route dhcp traffic dhcp over my palo alto, but it does not work. Is there an equivalent of "helper-address" known on some routers. My client and my dhcp server are not on the same network, my palo is on the midle betwen my d