All site to site tunnels drop

We had an incident where we have site to site VPNs coming into the Palo.  The connection dropped and they would not come backup, even after dropping the VPN on both devices.  The end result was a reboot of the firewall and it came back up.  What I sa

Multiple websites are getting blocked

Users has been reported that multiple sites are getting blocked suddenly,
We have the connectivity between minemeld and Panorama, where the Malicious URL's or IP's getting blocked.
We need support in getting verified the MINEMELD configuration what c

url filtering with Alert category

Hi, 

I have configured the URLs to allow through the firewall with an alert category. 

The firewall is allowing the URL but user get the "warning: Potential Security Risk Ahead" page with Go Back (recommended) and Advanced option.

Is there any techni

Export logs from PA7050 to Window Log Server

Hi Guys,

Any possibility we can export daily logs from PA7050 to external windows log server through SCP or FTP? Been told there is a limitation for PA7050 to do so because the log database is too large for export or import. Any possible can do it by

Natting to ip address which is not binded to any interface

Hello Everyone,

I want to nat traffic going from dmz zone to wan zone. I want to nat ip (172.16.16.16&172.16.17.17-dmz zone) to use nat ip 200.0.0.1 which is not configured to any interface. I am unable to perform this. Please find below snap.

1)Interf

Log traffic on Panorama is less than firewall device

Hi everyone,

iam using the monitor > traffic on panorama and saw the period logs more smaller than the firewall device, in panorama we have log until 02/14/2020, while in firewall device the log starts on 01/31/2020, i used the command show system log

PBF rule with src zone 'any'

Does anyone if it is/should be possible to configure a PBF rule with src zone any?
The inline help says "To choose source zones (default is any), click Add and select from the drop-down." but 'any' is not an option when I actually try to create the ru

Measure CPS practically

Hi Guys,

We have PAN VM 300. To implement Zone Protection, we want to measure CPS. Now we dont have Panorama and dont do firewall monitoring with any tool.

Now the admin guide suggests that:

Panorama on ESXi resources

Hello community,

we would like to build virtual Panorama and log collectors as virtual machines on ESXi.

Does anybody know, if resources like CPU and memory must be dedicated to these machines only or can they be shared?

I cannot find it in any documen

Bandwidth limitation per policy

Hello All,

I have filled the local database with users because we do not have an Active Directory, i create a captive portal to enforce the users to do authentication. in the polices i have grouped the users depends on what they should go through net

diferente Version PAN 3220

Hi
The new PA3220 device (FW2) has PANOS version 9 installed, but the firewall (FW1) that is operative is on PANOS 8.1.3.
What are the steps to update the FW1 to the actual version of PANOS?