Palo Alto Updates not passing through another PA firewall

Network setup:

PA3020 E1/2-->E1/1 PA500 E1/2-->Internet.

In PA3020, we have configured the service route to paloaltoupdates through e1/2. Then traffic will reach pa500 e1/1 which will be routed to internet via e1/2. PAT configured on e1/2 which will

Google drive not getting blocked

Dear Team,

As per logs, I am getting drive.google.com is blocked.But actually, I can still able to access it. 

Please advise regarding this issue to get fixed. Give us the proper permanent fix for this issue.

I can block mentioning the specific URL “dri

Block web browsing but allowing other apps.

I need to block webbrowsing but allow other apps which has web dependency.

Trust to untrust - all allowed. But when I deny webbrowsing from trust to untrust other apps like skype stops working.

Requirement is only web-proxy ip is allowed webbrowsing fr

2 Factor Auth Issue

Hello,

We are having issue with GlobalProtect VPN client when using 2 Factor Authorisation to authenticate.

Instead of being presented with a second login prompt to enter the code from the keyfob, Palo Alto is rejecting logins unless the keyfob code

PBF SMTP for both ISP1/ISP2

I'm wondering if anyone has a similar setup and got it working. I'd like to have both SMTP services enabled on two ISPs for load-balancing and redundancy. I tried using PBF but couldn't get it working. It seems SMTP for ISP1 works fine but SMTP for I

facebook-video

Hi,

How to block facebook video  only 

Thanks

Over 110% untilization

I am seeing my management plane spiking over 100% when do a preview and a commit, what could be causing that ? Also can a defrag be run or need to be run on the hard drive?

VM based PAN FW

Hi,

I have not been able to list the interfaces on VM based PANOS 7.1.0 after the VM PAN FW boots successfully. 

interfaces have been set to vmxnet3 type on VM settings. I have configured 3 interfaces (1mgmt and 2 data). assiged the static mac-address.

Minmeld on Unbuntu

Hi,

We run a hyper-v shop so I am looking to set this up on Unbuntu. Just a few questions before I set off on the install:

Can we install with the most recent version of Unbuntu? Is there a reason I need to run it on 14.x?

I didn't resource requi

Minemeld engine stopped - error starting engine

I would like to create ipv4 output based on the aws ec2 and route 53 miners. I cloned miners, aggregator and output from prototypes. When I hit commit nothing happens. I can see the processes stopped under System. If I hit restart for the engine, I g

User-ID Hierarchy Design

So we have our device groups laid out like this, there’s more but you get the idea. Shared > Regional > Site.

The devices are members of the Site device group, and have a master device allowing me to push User-ID rules down through Panorama. If I want