Next Gen Firewall Public Wifi Browser Warning Issue

We have a policy for public wifi subnet set to

• ACTION to NO DECRYPT,
• Set TYPE=ssl-forward-proxy, 
• DECRYPTION PROFILE = NONE

 When any public device (i.e laptop) try to open a HTTPS website that prohibited by our organization URL policy.

For example HTTPS’

Is it normal for the captive portal zone be displayed on BGP sessions? Not using CP?

The session browser logs display BGP port 179 sessions trying to connect to the same destination peer address, in 2 different zones, the correct zone and the captive portal zone, is this normal? We are not using Captive Portal, but I do see it enable

Import/export device state

Upgrading a firewall from a single fw to an HA pair. My plan is to do a device export of the current active firewall then import that device state to the two new firewalls then setup HA. Some of the config pieces are from PANORAMA. Any issues with im

QoS bypass traffic and guaranteed egress bandwidth

Hi all.  I am new to QoS and I am unsure where this number is coming from in the Qos statistics for bypass-traffic for guaranteed egress.  Thanks.  Brent

NAT configuration for interface Tunnel

Hi All,

I'm in the middle of migrating a series of PAs from one customer to another. The newer system is on version 8.1.10, the other is on 8.0.14.

I have configured the VPNs each with a seperate tunnel, pretty standard stuff. I am creating some spec

Alert if same traffic log entry is repeated N times..

We have had an instance of a third party having an issue with their system that generated repeated traffic over and over 17K 5 times a second, constantly.

I can match the traffic in the log fairly easily. 

How can I set up an alert for that to go to

PAN-OS 9.0 Released - Stop and Think

Today Palo Alto Network officially released PAN-OS 9.0 to the general public. Some of you may have read posts recently regarding features that have leaked out from the beta, and if you have any questions those of us that have been participating with

Monitor Qos statistic in PRTG

Anybody know how to monitor Qos Statistic in PRTG ?

VPN

Hi.

How to configure VPN that if peer ip and proxy id(remote address) is same.

When try connect address traffic don not flow over vpn. When i write route vpn gets down.

what can be the reason for and ( description contains 'HA Group 1: Peer HA2-Backup keep-alive down'

We have PA5220 HA2 backup connection on copper port running via switch.

today we got alerts on both active and passive firewalls.

and ( description contains 'HA Group 1: Peer HA2-Backup keep-alive down' )

and ( description contains 'HA Group 1: Local

DNS rewrite matching wrong NAT rule

Think this needs a case.  Open to any suggested workarounds.

Connecting two overlapping networks with NAT.  (why? we have to)

192.168.1.0  (zone1) --  PA --  (zone2)  192.168.1.0

policy routing in place, come in zone1 interface go out zone2 and vice ve

Source and destination based on NAT using DHCP

Hi,

I am setting up a PAN device. On ethernet1/1 I have it set up to DHCP. I then will have a computer connected to ethernet1/9. I want to set up both source and destination based NAT. From what I understand in order to do this I would need to create