Customer Firewall Transfer

Hello Guys,

I am new on the Palo Alto Environment, i work a lot with Fortinet.

So in the Fortinet "world" i can register an account like a customer and require for try some of their products, like FortiEMS, FortiOS VM, FortiAnalyzer Etc, all of this

Unable to commit after upgrade from 9.x.x to 11.x.x

Unable to commit after upgrade from 9.x.x to 11.x.x 

while commit the error message is below 

• user-id-agent unexpected here
• vsys is invalid

Import Backup

Hi All,

Can we import backup from PA-220 to PA-445??

How to limit youtube with QoS max bandwidth?

Hi experts, 

Palo alto qos is my first time.

So i have a task to limit maximum bw for youtube in my company is just 10 MB.

Can i assume to config : 

guarantee bw : 0

max bw : 10 

I assume with that config, i didn't reserved any bw for youtube but

Source and Destination NAT for Site to site VPN

Hello,

I'm trying to configure a site-to-site vpn with between two organizations.

Our internal IP range is conflicting with the other organization network, so we are trying implement Source and Destination NAT 

The VPN tunnel is up, but I'm str

DNS routing issue - OpenVPN inside GlobalProtect VPN

Hi,

We are running on a setup today where the client connects through L2TP to a Mikrotik-router and then connects with OpenVPN to the next environment.

Just now we are switchning to PA440 and GlobalProtect VPN IPSec instead of L2TP, and we have a

Vsys and tagging automation

Hello, we have a service that runs when we build servers that will tag the servers being created with its tag and ip information via the rest api. We're trying to migrate to a new vsys, from L2 to a L3 vsys and when we added the new vsys to panorama

Migration assistance PA-5050 to PA-3420

Hi,

I need assistance replacing a firewall cluster PA-5050 and standalone panorama by a firewall cluster PA-3420 and a cluster panorama.

Actually the firewall cluster PA-5050 and standalone panorama are in production. The templates network is manag

Active/Passive FW with Primary/Backup ISP

Hi

My ISP will provide an Internet access with primary access and backup access. We have an HA Active/Stand-by firewall. The primary Internet access will be directly connected on active FW and the backup Internet access will be connected on interface

Mitigation for DHCP Starvation attack in shared network zone (e.g.Eduroam)

Hi everyone, 

Is there anyway for us to utilize Palo NGFW to prevent or mitigate DHCP starvation attack. 

For example, a user's BYOD device is infected with malware, after authenticated with eduroam network, the device start performing DHCP starvatio

IPsec VPN to tunnel public IP

We have requirement where client is wants to access internal resource over IPsec. 

Resource already exposed to internet and has public IP IP x.x.x.x, can the client access the x.x.x.x resource over IPsec 

and the same IP x.x.x.x will be available for