Multiple External Interfaces

Hello,

I have a pan 4020 that will be replacing multiple firewalls.  The internet side of the firewall has a /25 network.  I have a corporate network that has an external interface of x.x.x.2/25 in the Internet zone and a guest wireless network that h

how to access bash shell?

hello,

is there a way to get access to a more advanced shell, like bash, on the device?

No result from "show user pan-agent user-IDs" command

Dear All,

   I just install pan-agent on my AD, windwos 2003 server, and configure PAN box to connect to this pan-agent. I can see traffic with user from AD server. I found result from command " show user ip-user-mapping all".  I can list group of AD

Logging to Panorama over a WAN Link

We have a remote location that connects back to our corporate office via a WAN Link.  At this remote site, we have two clusters of Palo Alto Firewalls that are pretty heavily utilized and produce around 1+ GB of log per day.  We are preparing to depl

Is PAN-agent supported for win7?

Tried to install pan-agent 3.1.2 in Win7 32bit workstation. Installation is ok, but after that I see "Please start PanAgent Service first" in the Agent Status (but the same time PanAgentService is running. I tried stop\start service, restart PC - did

Application "Mode Shift" Behavior

From what I understand, "mode shift" is the term for when an application's identification changes during inspection.  For example, a flow may be initially identified as "web-browsing", and then further identified as "facebook".  I can't find any docu

URL Filtering Exception...

Hi all,

Here's what I need help with. .

I have a general URL Filter setup on my outbound internet rule.

I am filtering Job Seeker sites (Monster, etc.) per management requests.

My question is, how do I setup a rule that will allow my HR dept to be able

SSL-VPN and HA Cluster A/P

Hi,

I have two 5050 in A/P mode running version 4.0.5. My question is if I connected via ssl-vpn to my environment and the primary PA is going down, do I need automatically flip over to the stand by firewall or I need to reconnect manually? BTW I’m

SSL-VPN dhcp dynamic ad integrated dns

We have a problem with clients (winXP) connecting with the ssl-vpn and registering the vpn supplied ip into dns. When they login onsite, their host a record does NOT get updated. It stays at the ip given to to the ssl-vpn. Our internal dhcp server re

VSYS

i have PA 4020 in a production enviroment , and i need to create a new Vsys(2) , would that by any means delete my current (vsys1) confeguration. , i mean is it safe to do that now.

Does palo alto firewall recognize VOip/SIP Tunnel client?

Does palo alto firewall recognize VOip/SIP Tunnel client?

High CPU and Lag using ACC

We have PA-4020 running 3.1.9 in HA

Every time I need to use ACC to run traffic report for week/30 days or so …. It just freezes up for several minutes with up to 98% CPU that remains long after I cancel the report. The more granular I get with my rep

is it safe to raise "action" to block?

hi

i noticed that in some "critical", "high" and "medium" severity vulnerabilities, the default action is just "alert"... especially those brute-force attempts.

at the moment, our system is set for default to take care of these.  however, i remember a