Creating a Dynamic NAT and exclude addresses from pool

There are known issues online with some external sources not accepting addresses with the last octet ending in .0 or .255.  Are there any known ways to exclude these addresses from a Dynamic External IP Pool? 

New PA2020 - WorldofWarcraft - How to make it work?

Morning!

So we went live with our PA2020 yesterday.  Upgraded from our Cisco PIX 525 and so far everything is working great.  Only 10 seconds of downtime as we did the cut over.

I work at a university and the number one request from students is to make

Captive Portal URL

Hello i need some help.

I need to know the URL that PaloAlto device uses to redirect Captive Portal.

I supose should be something like:

http://<PAN_ipaddress>/xxxxxx.xxx

Thanks in advance for your help,

Albert

where is "Network > SSL-VPN" on 4.1.0

Hi

Before I really got started with my PA500, I upgraded to the latest PANOS 4.1.0

Now I am trying to configure SSL-VPN and in the 4.0 Admin docs on page 259 the first section states :

Adding a new SSL-VPN

  Network > SSL-VPN

The settings on the SSL-VPN

Gratuitous ARP / HA Problems

Hello!

I was running some fail-over tests the other night and ran into some issues with my switch's ARP table updating correctly.

I have attached a diagram that shows all of my PA connections into the switch stack.

In a nutshell, I have a switch carved

Unable to allow only ICMP Echo Request; Firewall passes all the traffic

Hello,

I have 2 networks in 2 different security zones. I have been trying to set up the firewall (PA-500) to allow only icmp echo request (ping), which is an icmp message number 8 and 0 between the two networks. When using predefined application call

How to configure a DMZ on my pa500. Or do I not need one

I have installed a PA 500. With 2 ISP untrust interfaces and one trust interface. Since palo alto is very new to me do I need to configure a DMZ for my spam filter. If so how do I.

Joe

BGP - PA2020 - utilization

I am looking to deploy a new router for switching from a single provider to a multihomed setup including some peering. I have PA-2020 for that purpose and wondering whether it will handle full BGP for a few years considering growth of routing tables

Group names showing full LDAP name

Prior to upgrading to v4.1, when adding an AD group to a policy, the group name used to show up as the shortened name "domain\groupname".  While those policies still work post upgrading, whenever I now add a group name to a policy, the group shows up

Panorama MIB

Has any MIB For Panorama with 3.1.x or 4.0.x ?

NetFos Joy

Aggregate Interface Groups

Version 3.1.2, I do not see the option to select Aggregate Group.  Is there an initial step I am missing?  Thanks in advance.

Performance issue on PA-5050 with profile active

I've ran into an interesting throughput issue with a PA-5050 in my lab, maybe someone can shed some light on this strange behaviour.

The setup: PA-5050 running 4.0.7
Two aggregated trunks: AE1 & AE2
AE1 assigned to VSYS1 (Server VSYS)
AE2 assigned to VSY

Error When Adjusting Log Quotas

Anyone help on this? We can't alter the logdb quota settings (at least on the GUI) on Panorama - we get an error of "management is missing 'storage-partition' " even if we make a tiny change eg. reducing the size of the threat databse to 24% from 25%

PAN agent support on windows 2008 R2 SP1

I have my Palo Alto in 3.1.7.

Do you know if the PAN agent is supported and compatible with Windows 2008 R2 SP1 please?

Thanks for your help.

How to setup pan to inspect/monitor wireless traffic

I am currently running a PA-500 in IPS mode and is setup as a VWire behind my ASA. I have an environment that consist of a Cisco wireless controller and APs. How do I monitor my wireless traffic or better yet how do i setup policies for this?

By the