Training - Labs

Hi all

I am currently doing training - Firewall Installation, Configuration, and Management: Essentials I for PAN-OS 7.0

It's not an online class. I've found it on My Learning page and I think it's good to start with. 

Does anybody know whether there

How to block Android users on PAN FW

Hi Guys,

Is it feasible to block the users on our PAN FW for a specific manufacture or platform , let say to block windows or MAC or Android users ?

Please assist as I m new to this PAN FW ...

Regards 

Vineet

HTTP redirect at firewall level(currently being done in IIS

I'm currently doing http redirect at the web server(IIS) and allowing http and https traffic into the web server. Is there a way to do http redirect at the firewall level and that way I only allow SSL traffic and block http coming into the web server

MineMeld - how to prevent age out of DShield in a TAXII output DataFeed

Here is the basic setup that I'm having trouble with:

Miner:

Aggregator:

Modify application

One of the applications (a default one in the Palo Alto) sometimes connects over an other port than the defined standard port for the application. Since I defined the plicys service as 'application default', this traffic gets blocked.

Its the applica

Recommened PAN-OS as of April 2017 (Q2)

What PAN-OS are people running these days? I am currently 7.0.8 and it is time for the care-and-feeding of the firewall code at my company. I am looking at upgrading to 7.1.8 (but 7.1.9 just came out today).

I do not use any SSL Decryption features.

Proxy ARP

Hi

I have a 5220 in the DC and a 850 in the office

On the 5220 I have an interface onto network 2.7.3.0/24
On the 850 I have a NAT for 2.7.3.129/32
the 5220 get this via OSPF

How can I make the 5220 response on the interface 2.7.3.0/24 for arp requests f

How does one create an output filter to exclude IPv4 indicators in a CIDR range?

I have various miners.   Various miners are connected to various aggregators which are inturn connected in various ways to different types of output.

Some of these miners receive RFC1918 IPv4 indicators.   These are aggregated and send to outputs. 

OSPF and Cisco Routers

Greetings all,

I was doing some Core routing work during an outage this last week and ran into a repeat of some issues we had when we initially put our PAN boxes in to place.  The original scenario:

• A subinterface existed on the Palo Alto with the ta

PA-820 Firewalls Won't Come Back up After Upgrade to 8.0.7

I have two PA-820 firewalls that won't come back up after upgrading to 8.0.7. We have power-cycled to no avail. Support doesn't really have any answers beyond that at this point. We also upgraded an 850 that was fine. Any help?