Get security rules from Panorama that are pushed to local FW?

How can I do this?  IE login to Panorama or the local FW and get a list of security polices that are pushed from Panorama in  human readable format?  Similar to 'show rulebase security rules' on the local FW? 

Acitve Passive with different Uplink IP address.

We have two firerwalls at different locations conencted to different vendors via different ISP.

I it possible to have uplink to vendor with same ISP but different IP address in active and passive setup?

Integrate a DMZ with virtual F5 to the PA FW

I would like to add a virtual F5 as a proxy to our exsiting 5220 PA FW. As I have never done a DMZ to a virtual device, I am jsut wondering there a sample scenario or configuration. 

If my F5 was a physical device, I will just assign an IP address to

XML User ID

One of our engineer setup XML to pull the user id and ipaddr mapping, which works with no problem. The problem is he left the organisation and we are not able to determine the source from where the input is coming into the firewall. The log on the PA

Policy rules based on hostname or windows hostname

Hi

I can create a policy based around the username, what about linking to a hostname . windows hostname - verify in MS AD.

I have a management VM, I would like to move, but it has some policied based around location - specific network. It would be ni

unknown-tcp for Exchange 2016 when decrypted

Hi,

I'm doing decryption for Exchange 2013 OWA web part and it was doing good - was seeing mostly applications like ms-exchange, activesync, outlook-web which makes sense.

Customer upgraded their infrastructure to Exchange 2016 and after trying to dec

Alarm "PaloAlto_Used_Memory:_Slot-1_Data_Processor-0_Hardware_Packet_Buffer"

Dear All,

Recently we started to receive, each time to time, this alarms as Critical ones:

PaloAlto_Used_Memory:_Slot-1_Data_Processor-0_Hardware_Packet_Buffers 29920

PaloAlto_Used_Memory:_Slot-1_Data_Processor-0_Packet_Descriptors 9354

Anyone knows t

Configuring ldap for mgmt.

I have customer firewall running 8.0.x . I have AD configured for customer using service route going into trust zone as required.

But I would like to manage the firewall at the moment managed wth single local superuser. Is it possible to use AD auth f

Connecting to mapped shares - most of the time very, very slow

I work with a company that uses Global Protect as their VPN solution.  When I work from my offsite office, I'll fire up the VPN, login and get to work.  For the past year, I've suffered from very long connection times re-establishing access to an imp