DHCP Relay with Source Nat blocked

Hi,

a customer has two PA VMs in the Azure cloud with internal loadbalancers configured. Unfortunately the DHCP server is also running there. In order to perform symmetric return a source nat is needed on the firewall. However this breaks the DHCP fl

DLP and PA-820

howdy all,

Is the PA-820 firewall capable of DLP? We have migrated from the 500 to the 800 to the 820.

Thank you

Error: 'cannot start tunnel'

Hi all

my Name is Mario from Germany, i  new here, sorry for my english, i hope you can understand me.

i have a Problem with globalprotect . 

I am trying to find out information about user data use while they are on the VPN.

We had a user that had a mifi data usage bill that was very high. They claim that all they used it for was to VPN into the PA, and then RDP to a local pc. The PA said their internal data usage was low. The user said once they had VPN'ed into the netw

User-ID Verification Page for End Users

I'm wondering if anyone knows of a way, other than triggering a default URL block page, to display a User-ID association to an end user via a web page.  For example, have the user go to useridcheck.domain.local, and see a simple page that like this:

U

GlobalProtect 5 for IOS blocking network stack access

Just recently had a couple of instances where the GlobalProtect client was not allowing network access. ios 13.2.3 and GP 5.0.9-11

An established login to a mixed WPA home network would not connect, even though showing authenticated, no wifi bars. Sam

Need help with scripting to palo alto using ssh

Hi all!

I'm trying to creating a script for a customer i Windows Batch (*.bat) that needs to login to a Palo Alto Firewall, run a few commands and then login to another firewall and so on. 

This is a strict environment so no internet connection is ava

Curious about new URL filtering categories: Grayware and Cryptocurrency?

If anyone has been curious about the 2 new URL Categories that have been recently introduced in the #8206 Dynamic Updates, the LIVEcommunity has just published the following blog:

New URL Filtering Categories: Grayware And Cryptocurrency

I recommen

t.120 and Twitter-base

Hello all,

Looking for more information on these two applications if anyone can assist. We're deploying firewalls as an MSSP and some of the traffic we're seeing hit application-based policies doesn't seem to make sense. Some of the examples we've se

upgrade of PA-500

when in process of upgrading OS for pa-500 active/passive pair, on the passive devic i upgraded from 7.115 -- 8.0.0(download)-->8.0.20(install) -->8.1.0(download) -->8.1.12(install) 

now passive device is 2 major os version ahed , looking for ideas ho

How to set up two HA (active / passive mode) firewalls to be managed by panorama

Hi All,

I already have two firewalls to set HA and use Active / Passive mode.
But when I put both devices into the same Device Groups and Templates and push the configuration file to both devices, the HA settings of the second device will be overwritte

SSL VPN REDUNDANCY

Hello everyone,

I want to make redundancy ssl vpn for two ISP.I have two ISP.I will use DNS failover.And write nat rule for two publıc to loopback interface.(I use loopback interface for globalprotect).I write symmetric return for two external interf