PPTP VPN can not be connected to external devices

I have built a VPN server in company domain and I have tried to connect it in the domain computer. Now I need it can be connected to external computer. I have search many information in Internet to know how to do this setting in firewall. But it stil

Feature request thoughts - around nat selection

Hi

I have 2 NAT pools, actually 4, cause for HA each pool is doubled - does that make sense.

1 pool is on a.b.c.13 and the second is on a.b.c.113.

All good. what I would like to do is say

going out internet interface from src group "out via non prod"

DNS Proxy in Active Active cluster setup

Hi

I am looking to setup 2 IP address I want to use for DNS proxy  - I was planning on having each ip as a HA VIP - in fail over mode - 1 priotised to one node and the other to the other node

Then I tried to setup the DNS proxy -  can't attach it to

Routing issues LDAP AD server profiles

Hi, Im trying to set up Group mapping and foudn an interesting issue that I wabnted to put out here see if theres any ideas that can help us out. This is the situation:

Hardware

• ethernet1/12 is trunk with subinterfaces
• ethernet1/12.2 vlan 2 tagged subi

PA220 routing issue

I have three PA220s, let's call them

PA220-A

PA220-B

PA220-C

They are connected in the following manner:

PA220-A ---- PA220-B ----- PA220-C

All three have an Inside and Outside Interface. All the Outside interfaces are connected via a Layer2 network. M

Palo Alto change source port with communication Cloud Meraki

Hello,

We have a client with 300 branch that use Meraki. These branchs has DSL link on WAN 1 and MPLS on WAN 2.

We have a follow problem.

The meraki send a packet UDP each 10s by interface ip WAN 2, for example 10.200.2.10:3009 , the traffic goes to net

How can we troubleshoot high transmit utilization or high utilization issue on interface?

How can we troubleshoot high transmit utilization or high utilization issue on interface?

we recieved alert from solarwind like below for our palo firewalls:

Summary: itsg_GSOC-XXXXX-Priority:-P3 ALERT: | Hostname | ip address | PA-3020 | serial numb

Old spyware signatures are not sinkholed

I have dns sinkhole in place but the issue here is firewall is not stopping dns resolutions of old spyware(previous dynamic update version) sihgnatures/domains at dns level. Palo threat databse shows the domain as malware but no sinkhole action is ta

Aggregate Interface Throughput limit - Multi VSYS - Shared Gateway.

Hi Community

I have multiple VSYS setup that also uses Shared Gateway for collating access to my Data Centre to and from each VSYS.

I have a PA5250 setup running OSPF with a 40G routed connection to my Data Cente (Northbound) - in the shared gateway

Syslog - Collecting Internal DNS

Hey Everyone,

I noticed my Syslog box isn't receiving internal DNS information from the Palo.  I originally thought the URL log type would capture internal information (yes i'm aware what URL stands for, but I could hope).  However that doesn't seem

Agentless User-ID "Not Connected"

PAN-OS 8.0.9

Server 2008-R2

I am in the process of investigating the setup of User-ID, utilising our test network which has a VM500

I am starting using the Agentless option. ( The production site has 500 users, mostly Citrix Terminal Sessions but also

IPSEC VPN issue

I have realy weired issue, 

I have two sites connected with IPSEC vpn, PAVM200 to PA3020.

the sites are connected with IPSEC very stable vpn, remote site trying to access DMZ zone on the local site.

The routing confiured and policy rule allowing the a