PBF rule with src zone 'any'

Does anyone if it is/should be possible to configure a PBF rule with src zone any?
The inline help says "To choose source zones (default is any), click Add and select from the drop-down." but 'any' is not an option when I actually try to create the ru

Measure CPS practically

Hi Guys,

We have PAN VM 300. To implement Zone Protection, we want to measure CPS. Now we dont have Panorama and dont do firewall monitoring with any tool.

Now the admin guide suggests that:

Panorama on ESXi resources

Hello community,

we would like to build virtual Panorama and log collectors as virtual machines on ESXi.

Does anybody know, if resources like CPU and memory must be dedicated to these machines only or can they be shared?

I cannot find it in any documen

Bandwidth limitation per policy

Hello All,

I have filled the local database with users because we do not have an Active Directory, i create a captive portal to enforce the users to do authentication. in the polices i have grouped the users depends on what they should go through net

diferente Version PAN 3220

Hi
The new PA3220 device (FW2) has PANOS version 9 installed, but the firewall (FW1) that is operative is on PANOS 8.1.3.
What are the steps to update the FW1 to the actual version of PANOS?

Global Protect Authentication Profile

Hi

I have setup Global protect and I want to use it with LDAP Authentication profile. It works fine however when in the auth profile I add a specific AD group so only users in the group allow to connect to VPN it doesn't work. Even sometime with spec

syslog session was showing discarded due to which syslog server was not able to receive message

* Ping and Telnet logs from DR Fortigate to Archsight server were to see in firewall. * In cli , session found with discard state for same traffic . After clearing that session issue resolved. ---------------------------------------------------------...

Wildfire Public Cloud - email

We’ve recently upgraded our PAN from 8.0.4 to the latest version (8.1.13) successfully.

Now the issue is that we’ve been getting an email stating that “registering Wildfire Public Cloud has been successfully” every 20 minutes.

Is there a way to make

SD-WAN - routing with variables

Anyone been trying to setup SD-WAN routing with template variables? Surely that page in admin guide is completely wrong? Variables should be of type IP address. 

Scaling User-ID Deployment using the F5 Load Balancer

Objective:

In a large-scale User-ID deployment in a dynamic network, customers deploy thousands of firewalls that they want to scale dynamically while ensuring that the firewalls can still get IP-User mappings from the Windows User-ID agent.

For this