Is it compulsory to use costume application in rule

We have used application over ride for specific app and name is "server_443" and its working fine, we are able to see that application is showing in traffic logs. In access rule i have allowed any application from trust to untrust zone.

My query is t

Want to configure multiple policies and objects through cli using script.

Hi all,

Hope you all are doing Good.

Guys, I have a query can we configure multiple Nat policies, security policies, address objects, address group, etc using scripts through CLI.

Is my query achievable and if it is so how can we do it. Please share

Software updates on support portal is blank

Is anyone else having issues with software updates page being blank on support portal? I see dynamic updates are displayed but not software updates. I have tried Firefox, safari & chrome with no luck.

Universities experiences with SSL Decryption?

Greetings all,

I'm looking for other admins' experiences with utilizing the SSL Forward Proxy decryption options in a university environment.  General overall experiences would be good but, specifically, I'm wondering about:

• Did you go SSL Decrypt ev

can we push dns security enabled anti-spyware profile to panos 8.1

We are managing 4 location firewalls from Panorama. Panorama  and one of the location is on 9.0.9-h1. Rest of the location firewalls are on 8.1.5.

We have activated DNS security licence on that upgraded firewall which is running on panos 9.0.9-h1.

We a

Behaviour of NAT and Security Rules along with intrazone -default rule.

Hi Gang,

Still getting grips to everything so would love your help in understanding the behaviour of traffic when it is NATed and allowed. 

The Scenario: 

• Zones: outside and inside
  A DNAT rule from outside-to-outside that NATs 1.1.1.1:22 which translate

Blocking Pacman on Google Doodle

We have been trying to block the following website to stop students at our school playing Pacman  https://www.google.co.uk/search?hl=en&site=webhp&source=hp&q=pacman&oq=pac&gs_l=hp.1.0.0l3j0i131k1j0l6.965.1399.0.3543.3.3.0.0.0.0.32.89.3.3.0....0...1.

Active/Passive Firewalls w/Different ISP Default Routes

I have two PA 5220s running active/passive and HA but connecting to dual ISPs. In a failover situation the passive firewall would assume the active firewalls default route but physically has a connection to the backup ISPs gateway not the active ISPs

Active sessions across inactive vwire

Just curious about what I'm seeing. I have two interfaces that are in a vwire. The switch interfaces which go to the the FW  were shut down last week yet looking on the firewall, I see that there are still active sessions which show these two interfa

Getting intermittent unknown UDP traffic logs

Hi All ,

I am having policy  having application group and set services as application default .

Sometime policy is working fine but sometime its dropping packet and in logs showing application  unknown UDP.

Could you please suggest any troubleshootin

HTTP Error 413: Request Entity Too Large

Hi there,

Our team is having an issue when blocking a list of IOCs using the minemeld-sync.py script found at https://live.paloaltonetworks.com/t5/minemeld-articles/uploading-list-of-indicators-to-minemeld/ta-p/162242.

We currently have around 10,000