Next-Generation Firewall Discussions

DNS routing issue - OpenVPN inside GlobalProtect VPN

Hi,

We are running on a setup today where the client connects through L2TP to a Mikrotik-router and then connects with OpenVPN to the next environment.

Just now we are switchning to PA440 and GlobalProtect VPN IPSec instead of L2TP, and we have a

Vsys and tagging automation

Hello, we have a service that runs when we build servers that will tag the servers being created with its tag and ip information via the rest api. We're trying to migrate to a new vsys, from L2 to a L3 vsys and when we added the new vsys to panorama

Migration assistance PA-5050 to PA-3420

Hi,

I need assistance replacing a firewall cluster PA-5050 and standalone panorama by a firewall cluster PA-3420 and a cluster panorama.

Actually the firewall cluster PA-5050 and standalone panorama are in production. The templates network is manag

Active/Passive FW with Primary/Backup ISP

Hi

My ISP will provide an Internet access with primary access and backup access. We have an HA Active/Stand-by firewall. The primary Internet access will be directly connected on active FW and the backup Internet access will be connected on interface

Mitigation for DHCP Starvation attack in shared network zone (e.g.Eduroam)

Hi everyone, 

Is there anyway for us to utilize Palo NGFW to prevent or mitigate DHCP starvation attack. 

For example, a user's BYOD device is infected with malware, after authenticated with eduroam network, the device start performing DHCP starvatio

IPsec VPN to tunnel public IP

We have requirement where client is wants to access internal resource over IPsec. 

Resource already exposed to internet and has public IP IP x.x.x.x, can the client access the x.x.x.x resource over IPsec 

and the same IP x.x.x.x will be available for

block yahoo mail

Hello Everyone,

Does anyone have a way to block Yahoo web-based email without enabling decryption?

1. I have read through the forums, and tried blocking with a URL Profile with the following url configs.

*.mail.yahoo.com

*.mail.yahoo.com/

mail.ya

Need help for account license

Hi All,

My organisation purchase two quantity of PA-800 series firewall and associated license also. Problem is we have not received any account creation mail from OEM to register the devices and linked purchase licenses. Should palo alto provides

PA - 3220 Secondary box Tech support file.

Hi expert,

we are trying to Generate the Tech support file using Cli.

The TSF file generated but file is not same as we are extracting from GUI. 

The File size is only two Mb. 

GUI response is very slow we are not able to generate the tech file.