High CPU usage of Panorama

Hi,

Our Panorama is running on a dual quad-core 2.66GHz + 4GB RAM + VMServer 2.0.  We have a PA4020 appliance which has a persistent session count of roughly 250000 sessions.  When we direct the logs of this PA4020 to Panorama, the CPU usage of Panora

Vsys resource management

Hi Folks,

We are in the process of evaluating Palo Alto.  Can folks share some of their experiences on how to manage resources between Vsys?  How do you manage Vsys 6 only gets x% of CPU etc...vs what other Vsys's are allowed.  What is the max number

How do you determine why a scheduled custom report did not run when scheduled?

How do you determine why a scheduled custom report did not run when scheduled?

Export "SSL VPN/SSL INBOUND Inspection Certificate" in PAN-OS 3.0.6

hi,

I can't find in PAN-OS 3.0.6 solution to export CERTIFICATE.

I tried WEB-admin and CLI but without solution :

scp export
> application                  Use scp to export application packet capture
> application-block-page       Use scp to export appl

IPSEC VPN Help?

I have a PA-500 at our main office.

We have a smaller site that currently we have a point to point circuit to, however we may not renew the contract on this, and instead put in a cheaper but faster internet leased line, the idea being to link the two

Blocking browsers ?

hi,

i just need to know is it possible to block a browser e,g Firefox or Opera with application filter ? i need to implement a restricted policy to allow only IE for browsing ...

appreciat any help..

PA-500 Management NIC Dead?

Always seems to happen out of hours but...  the management NIC on our PA-500 seems to have dropped off the face of the earth.

I can't ping it, I can't SSH/Telnet to it, nor can I get to the web GUI.

Fortunately the PAN does still appear to be passing t

Management of multiple devices in Panorama, what is shared ?

Hi,

When managing multiple PA devices in Panorama, what information is shared ? I know it is possible to create device-groups, but this is only used for security policies.

What about NAT, QoS, SSL decryption, Captive Portal, Policy based Forwarding ?

An

Basic multiple-WAN-IP networking question

Some background, I am coming from a Sonicwall (which I'm not a big fan of, but I'm familiar with it) and I also have experience with the open-source pfSense system.  I'm not super-knowledgeable regarding subnetting, but I have a basic understanding a

Blocking bittorrent traffic

Hi,

I have just found the time to start learning about our new firewall. As a test I have tried creating a policy for blocking bittorrent traffic, but it seems to have only limited effect. Transmission still happily downloads the torrent although I ca

Uknown-tcp in application based policy logs !!

Hi,

I'am using PAN-OS 3.0.9, and i have configured some policies in witch i allow some applications defined by application override. I noticed that in the logs associated to this policies, there are lines that are identified as "unknown-tcp" with acti