Cannot get DMZ access to work

I have a PA 500, running 4.0.5 and I have two zones that are 'special' : PCI and DMZ. Both are setup identically but only one works. Here is how it is:

Zones: Rest1 (Tunnel.1), DMZ (1/8), External (1/1, 1/7), Internal (1/1, tunnel, Tunnel.2), PCI (1/6

Panorama Out Of Sync

I just installed Panorama to my existing deployment, the firewalls are connected to Panorama, but the shared policy is out of sync. How do I get Panorama to house the current configuration on the firewalls? Currently with no configuration on the Pano

PBF Monitor with tunnel Interface

Hi,

I want to use PBF with IPSEC tunnel to handle failover.

I have 2 tunnels with the same proxy id, so I need to route a network between one tunnel, and if this tunnel is down I need to automatically route to the second tunnel.

But how to use monitorin

Global Protect Licensing for Differing PA Models in a Network

There are specific, per device type, Global Protect licensing SKUs. If a customer/enterprise has multiple PAN device types on their network, is it necessary that each has it's own specific corresponding SKU type applied to it, or are they in fact int

Can the defualt ssh port be change on a PA-500?

Does anyone know if you can change the port the PA-500 listens for SSH request on from the default 22 to another port?

Block App-id Youtube

Can anyonetell me step-by-step how to block youtube using an app-id? I have never used app-ids before and need a quick lesson.  

SSH Remote Command Execution for Config Files

Hey Guys,

I was curious if there was a way to run a command remotely via SSH to the PAN Device to dump configs.

I was thinking of a way to dump the output of "pa2050-1> show config running" to a flat file that I can hopefully do version checking on.

How

Sizing PA Devices

I need to know if there is any report/graf in PA that shows the throughput peak, simultaneus session peak, in a custom time period. This would be great for sizing equipment after analizing the traffic of a costumer during some days. It will be very u

DHCP Routing on PALO ALTO 2020

Hello,

I'm about to try to route dhcp traffic dhcp over my palo alto, but it does not work. Is there an equivalent of "helper-address" known on some routers. My client and my dhcp server are not on the same network, my palo is on the midle betwen my d

User-ID: Radius

Our students that use our wireless must authenticate to Cisco ACS using their domain credentials before gaining access to the network.  How can I setup my User-ID agents to properly log the student wireless name and ip?  Will this need to be a change

User-ID PanOS 4.1

In regard to user identification of traffic, older implementations of PAN we would install the PAN-Agent, but after reading a bit more on the 4.1 it seems I would no longer need to use the agent in an Active Directory installation.

Is there any docum

Increase Data plane CPU on PA-500

Hi, every body!

I used Palo Alto - 500  with version 4.0.1

On this device, Data plane CPU alway about 6-20%. I want to increase Data plane CPU on Pa-500 (4.0.1)

Please help me How to increase CPU up to 70-90% ???

Thanks all !!!