VPN for multiple internal subnets?

Hi

Is it possible to configure the VPN to access different internal subnets?   I mean, our network has a few internal subnets that do not route to each other...  there are users who need to access 192.168.1.x and some who need 192.168.2.x and others 1

2 IP ranges

In the Juniper and Cisco firewall configurations it is possible to route a second IP range to a firewall without having to add a second default route. Is this possible under 4.0.5?

My client is wanting to be able to failover between two data centers w

ARP Timeout

Is there any way to adjust the arp timeout value from the default of 1800 seconds on the 4020s and the 2020s?

How to log out-of-state dropped packets ?

Hi,

Last week we've replaced an FWSM cluster with a PA-5050 cluster. After the migration there were intermittent problems with our CRM application. Allthough we had no used applications but only services in our security policy, the PAN was applying th

ISP redundancy issues

Hello and thanks in advance for any help.

I have a PAN 500 that has been doing great. We added a second ISP and used the "PANOS 3.1 ISP REDUNDANCY using Policy Based Forwarding" to setup teh second ISP and this works well (servers go out the 'routed r

Replace IPs with Objects

I have several customer vsys that have nats and policies with IPs already in them. Is there a way to automatically change those to objects that I created after the fact? Or do I have to manually go through each one and fix it?

Thanks!,

SSL-VPN with Active Directory auth

Hello,

I'm trying to configure SSL-VPN with Active Directory authentication.I'm running PANOS 4.0.4, and SSL-Client 1.3.0 and 1.3.1.

I've configured the following:

1. An Server Profile with type Active Directoy

2. An Authentication Profile with LDAP auth

Does NetConnect Support Mac OS 10.7 "Lion"?

Just wanted to see if NetConnect works on the new Apple Lion 10.7 OS that was officially released today.  Should I upgrade yet?

Thanks.

Appstore and itunes on iOS

Hi all,

I have a problem with iTunes/AppStore on my PaloAlto firewall.

We have a default rule for surfing with URL filtering applied (including online-music category). Every time I try to connect with a iOS device to AppStore the traffic is denied be

Allowing Microsoft and Java Updates

I'm trying to allow downloads of .exe and PE files for updates but continue to block users from downloading those file types from other sources.  Not sure what the best way to do this is.

If I build a file filter with 3 rules like:

1.  allow applicatio

SSL VPN Security

All,

I have the SSL VPN setup and working.  All my remote users have access to the internal resources they need.  The time has now come to add a vendor to access their specific internal server.  So, I will create an user on the PA in the Local DB and

URL Logs to Panorama

Is it possible to forward URL fliter logs to Panorama?

Panorama version 4.0.5

PAN firewall version 4.0.5

We are seeing the URL categories in the ACC but no logs.

QOS Interfaces

Hi,

I was wondering if anyone can tell me if there is a limit to the number of 'Clear Text Traffic - to QOS Profile' mappings you can create under the advanced options within a new QOS Interface? PANOS 4.0.2.

I want to setup a couple of QOS profiles, t

HA - Link Monitoring

Hi,

I´m testing the HA configuration of our firewalls and experience unexpected behavior.

If both HA members experience link down errors, we want the appliance with the most active links to be active.

In the "PAN-OS HA - Understanding PAN-OS HA states,