General Topics

Setting up Orion NPM to monitor PA-2050 via SNMP

Hi,

I'm new to setting up SNMP and need help.

Our Network Engineers need to setup their Orion NPM to monitor our 3 Palo Alto 2050's via SNMP.

They basically only need to monitor CPU, Memory, and Link States of the 3 interfaces hooked up for each of the

No IPSec-Tunnels after Upgrade from 3.1.7 to 4.01

Hello,

we run 8 PA-500s in 8 Branches. After upgrading them from 3.1.7 to 4.0.1 not all IPSec-Tunnels become active.

The Tunnels to the branches with the WAN-Interface connected to SDSL with PPPoE (automatic IP/Netmask/Gateway) stayed inactive, even af

Multiple NAT or UTurn NAT rules

We are hoping that someone can suggest a simpler way to resolve the issue of allowing internal hosts (in the Trust zone) to access servers sitting on the Trust zone via their external IP address (what PAN calls a UTurn or Hairpin rule).  We have near

DOCX, XLSX, PPTX, ASPX files to be allowed when zip is blocked

I have recently deployed PAN 2050 in my organization. We are enabled file blocking for selected file types e.g. (EXE, BAT, CAB, ZIP, ISO, RAR etc.) in both the direction. Currently we are facing some issues with DOCX, XLSX, PPTX, ASPX file types. Eve

PAN-2020 is taking 45 Minutes to 1 Hour for committing the changes

I have recently deployed PAN 2020 in my organization. Initially it was working fine without any major issues. But recently it started behave strangely. PAN is taking 45 Minutes to 1 Hour for committing the changes. Sometimes it may even get timeout a

Packet Capture problem w/ PA-5020 running 4.0.0

So, using debug dataplane packet-diag I am unable to get filters to work propperly and quite often don't see data that I actually Should.  I didn't know if this was a bug with the 4.0.0 code or not but it makes it awful hard to defend the firewall wh

Virus only email alerts?

I see where it is possible to send alerts for threat preventation at the different severity levels, but is it possible to only send alerts for a specific type? Specifically i'd only like to receive emails for Virus alerts.

Rules applying to wrong users

IOS : 4.0.1

User ID Agent Version: 3.1.2

We have RULE1 set for USERS - A, B, and C.  They have an AV, Anti-Spyware, and Vulnerability protection.  RULE2 is for ANY other users on the network, which has its own AV, Spyware, Vulnerability profiles as wel

Downloading updates through a diffrent interface

Hi,

Is there a possibilty to download the AV signatures / Dynamic updates through one of the non-managment interfaces?

I have one interface connected to my LAN, the other one is external - in a L3 deployment.

I do not want to connect the managment inter

PANOS 4.0.1 - GUI Issue

Since upgrading to 4.0.1 - in the Security Policy - under Source User - if I try and change the user type it ignores what I've chosen (eg Known User to Unknown User) and default to "Any" - then won't allow me to change it at all!!! Has anyone else ex

Virus False Positive ? - Winrar

I flipped on Virus Filtering today and within 5 minutes got my first potential false positive.

Any reason why it would think Winrar.exe is a Virus ?

http://www.win-rar.com/downloads//rar/wrar400.exe

It thought it was Trojan-GameThief/Win32.magania.flfe

I